Amid the privacy discussions, I’ve seen a lot of talk about VPNs. If you thought VPNs protect your data, start by watching this video:
https://youtu.be/WVDQEoe6ZWY
TL;DW/R - Do VPNs encrypt your data? No, they just reroute data that’s already encrypted through their network.
Here’s the way it works. Think about your internet traffic in two parts:
- domain (for example, “youtube.com”)
- data - anything sent to and from the domain (specific video URL, passwords, comments, account info, everything)
Your Wi-Fi network needs to know where (to what domain) your data should be sent. Anyone connected to the same Wi-Fi network can see this info.
The data itself is encrypted via HTTPS 99.9% of the time. No one on your network can see your data. 00.1% of the time, if you happen to visit a website that doesn’t accept encrypted traffic, or if the encryption isn’t safe, you get a loud warning from your browser.
When you use a VPN, you’re routing your data to their domain before sending it to youtube.com. That means someone on your network sees you visiting a VPN instead of youtube.com. Obviously, the VPN company sees your domains, because they have to know where your data is going.
Either way - your data is already encrypted, with or without a VPN.
That means the ad: “we protect and encrypt your passwords and data” is, in fact, complete bullshit.
“Should I use a VPN?”
Who are you trying to hide your domains from? The government? Hackers? If either of those is the answer, going after the VPN company or even posing as a VPN company is a great way to collect domain usage from people that want to keep that info hidden. Not saying that’s what’s happening to your VPN company, but you can’t really prove that it isn’t happening either.
If you’re trying to hide domains on a campus or a network with strict monitoring, or you just want to take advantage of location spoofing, fair enough.
https
to be nice :) loading a small image from a different side can also reveal your IP even if you have all kinds of adblocker/ tracker. And it also helps bypass internet censorship.