You've probably come across advertisements or commercial collaborations promoting VPNs promising secure browsing and preventing tracking. Let's take a look at whether this is true.
First of all, before starting this topic, it is necessary to ask oneself a first question:
What is a VPN?
By definition, a VPN (Virtual Private Network) is a tunnel established between two points. This can be:
- A computer connected to a server
- A computer connected to a network
- A network connected to another network
The primary goal is therefore to interconnect several points without having to make its network or server publicly accessible without security.
Most VPNs include built-in encryption during communication. The strength of the encryption depends on the configuration applied and the options available.
Therefore, companies offering VPN services technically offer to connect one or more computers to another network, which is that of the company.
Now let's review the arguments put forward by these companies as to why you need a VPN.
Data is protected against data interception
This argument may be interesting, but not in the context of a VPN.
We can imagine that the VPN client (software installed on the machine to initiate communication) encrypts absolutely all data going out on the internet towards the VPN server, but once they leave the server to go towards the desired service (e-banking for example), they are no longer encrypted (otherwise the final destination server would not understand the data that arrives).
This means that the VPN server has removed the added layer of encryption (this is called encapsulation). This means that theoretically the company providing the VPN can access the data under certain conditions.
So, we see that the security argument is a bit shaky. My advice is to always check that connections to sites where you know sensitive information (login and password, for example) are via https (green padlock next to the address).
Changing country to bypass geo-restrictions
This argument is interesting for accessing film or series catalogs accessible only in certain countries, but not always effective.
Indeed, some services require you to specify a billing address in order to bill for usage. Therefore, geolocation is specified manually.
Furthermore, let's not hide it, these VPNs are also used to SPAM or brute force services. It therefore potentially happens that the public IP (address visible on the internet) is banned or flagged on several services, which risks leading to a ban of the account and/or simply not being able to use it.
Should you use a VPN after all?
From my point of view, it represents more of a security risk, but I'm not saying it's useless.
Be careful what you send over these VPN servers, and only use services that have been audited for security.
