With the blogs in this series I want to reach not only my typical audience, security professionals, but especially less security aware people to help them improve their personal security. If you think the content is helpful for people you know, share it with them!
Yesterday we learned against what HTTPS protects us. If you missed that blog I recommend you to read it first. You can find it here.
When HTTPS is well implemented it:
- provides a secure connection between a client (your browser) and a server (the web server that hosts a website).
- ensures no one can intercept, read or modify the data between the client and server but it doesn't hide which websites you're visiting from prying eyes.
- doesn't mean the intentions of a website are bonafide or the website can't be hacked.
What is a VPN and how does it work?
VPN stands for virtual private network. It's a way to protect data that travels over the internet. To set up a VPN connection you have to install a VPN client (software) on your PC or mobile device. This client connects with a VPN provider. There are a lot of VPN providers to choose from. Some are free for limited use, but typically it costs a few dollars per month. The connection between the VPN client and VPN provider is encrypted.
And this is important!
What it means is that neither the person who controls the wifi network (potentially the attacker) or the Internet Service Provider can intercept, read or manipulate the data traffic. Keep in mind though that you need to trust the VPN provider, because they are going to decrypt the data before they send it over the internet to the destination server.
This video from my mate Sean Wright perfectly illustrates this. When he opens a site over HTTP he can inspect the request and response. Over HTTPS he can't see the request and response any longer but he still sees a lot of info from which he can detect the website he opened. Parties like your ISP, the wifi network you're using can potentially see the same. When he uses a VPN no one can any longer detect which website was opened.
What does a VPN offer?
In the first place a VPN offers privacy. When you connect with your VPN provider you need to choose a server in a particular country. From then on you'll get a new IP address assigned and your real IP address is no longer visible by anyone except the VPN provider.
VPNs are also often used to access content that's only available in particular countries or to bypass censorship or blocking of content in certain countries.
Because you can't trust that every online service or mobile app implements HTTPS correctly, a VPN is a good extra security measure.
Conclusion
I couldn't phrase it any better than Victor did.
A VPN indeed gives you privacy by design and layered security. Your real IP address is hidden and you're no longer depending on sites implementing HTTPS securely and parties like ISPs can't see which sites you're visiting.
Also criminals that setup up rogue wifi networks to steal your personal data can no longer do so when you spin up a VPN connection. That's it for today folks. Until tomorrow and in the meantime stay safe online!