There are a lot of myths about VPN services, and we want you to understand how the top VPNs really work before you decide to use one. When we know what we can realistically expect from a product, we are less likely to be disappointed in how we spent our money. First we will talk about three new myths that we noticed have surfaced lately, then we will go over seven other older ones just as a reminder to all you current and prospective VPN users out there.
Data Privacy, IPv6 and DNS Leaks, and Tor
With a VPN, your data is not always kept private. You must always read the fine print of any VPN’s terms and policies. Some VPN companies call themselves privacy services, yet your data may not be kept private by the company. These services will offer online privacy, but they are the ones who are doing the spying. The data that you give them when you sign up may be sold to third parties, especially if the service is free. Selling that data is how they make money. Several such services have been caught out recently by their policies. Hola says that you can surf securely, but the company actually sells users’ bandwidth in botnet fashion. Onavo, now owned by Facebook, collects personal information as well as device and browsing history. The VPN gives Facebook access to the entire network used by the phone, so they can get app usage and other activity logs, too. VPN Defender analyzes mobile data and app use which can include personal data, and also does device monitoring. This is very odd for a VPN, until you realize that it is now owned by the company App Annie, which does mobile analytics and sells that data to other companies.
IPv6 is rolling out, and only a small percentage of websites and online services support it at this point. But when we are talking about privacy, you need to be absolutely sure. VPN providers who have not upgraded to handle IPv6 traffic or use third party clients will leak data when users connect via IPv6 or connect to sites that are on it. Some VPNs are also vulnerable to DNS leaks, especially when they use third party servers. These servers cannot be controlled and so can be subject to logging or monitoring, and may also be vulnerable to hacks.
A lot of people say that you can use Tor instead of a VPN, but the two are far from the same. First of all, Tor does not hide a user’s identity, and recent studies have proved that it is vulnerable to hacking. Tor does not encrypt data at the exit nodes. What Tor does is route users’ connections through a bunch of independently run connections. These connections are not secure and Tor has no control over them or their administrators.
Some Old Myths to Review
The first myth is Internet anonymity. Strictly speaking, this is not possible. There is always something that can be used to identify you when you go online, even when you use a VPN. The company itself has information about its users, even if it’s just an email address or Bitcoin wallet that was used to sign up for the service. Whatever it is, this one piece of data can be used to trace a user until his or her identity is revealed. What you can realistically expect from a VPN is privacy from snoops on the Internet. A VPN prevents other parties from knowing what you are doing online, which can prevent them from easily tracking you and launching scams. A VPN cannot remove every bit of data that relates to a user, but it does keep most of it private.
When VPNs advertise anonymity, they probably mean privacy, as stated above. This also means that they keep data private from other people on the Internet and not necessarily from everyone. Many VPN services keep logs of their users’ personal information and activities while using the VPN. Some of these use the data to turn a profit, as discussed above. Others keep it because they are obligated to by law in case a criminal uses their service so he or she can be caught by having that information passed over to the authorities. These are shady practices, but not all logging is bad. All VPNs have to log some degree of information to keep their services running smoothly, to limit use of the tool as per packages paid for, and to help users who are having technical difficulties. Some also log a bit of user activity – without linking it to personal information or selling it – to learn more about what their users need. The bottom line is that the most trustworthy VPNs will take as little information as possible and keep it for as little time as possible, then be thorough in disposing of it.
