Virtual private networks, or VPNs, have many benefits. By expanding private networks across the public web, they grant you greater control over where your traffic goes and who handles it en route. From helping users safeguard their identities to hiding information from the eyes of dictators, these technologies have played crucial roles in the modern internet as we know it.
Of course, there’s a catch. The value of a VPN only goes as far as the underlying implementation. For instance, if you use a network from a negligent provider, then you might not reap all of the security benefits you thought you were getting. One of the most notorious forms of bad VPN, however, is the no-cost variety. Although they seem like great deals at first, they exemplify the idea that if a commodity is free, then it’s usually because you’re the commodity. Here’s why.
VPN Basics
VPNs route information through unique link structures known as tunnels. Instead of sending your information through the complex routing paths that most internet traffic follows, they take more direct shortcuts. Unlike the vast majority of internet services, these tunnels aren’t publicly advertised, so they’re far less discoverable or vulnerable to third-party snooping.
VPN tunnels let you create connections between two locations without the intermediaries. They can also include features like encryption, making them great for powering sensitive communications and secure business apps that need to comply with privacy laws. What’s more, many use multiple layers of security to enhance their benefits. For instance, your VPN might encrypt the messages you send as well as the data packets that contain them.
Drawing Contrasts Between Free VPNs in the Wild
It’s important to distinguish between different types of free software. In this case, we don’t mean free and open-source software, or FOSS, which lets anyone view, share or modify the code. We’re talking about free as in software services and apps that the end-user can use without paying.
Many of the technologies that power VPNs are based on FOSS software, such as OpenSSH. Because these tools enjoy strong community support, bugs and exploits get found and fixed quickly. For instance, you might pay for a VPN service that uses underlying free software, such as encryption frameworks.
The big problem is that if you’re like most users, then you’re not going to build your own VPN from scratch. Instead, you’re reliant on companies that provide prebuilt systems with the features you need. If they don’t do their due diligence, then you could be vulnerable to any number of threats.
Why Free VPNs Aren’t Really Free
It costs money to run a VPN. For instance, someone who wants to tunnel through the internet without taking as many detours along the way needs more than just their own computer. The link requires another server to reach out to.
Even though the costs of operating such machines are constantly decreasing, they still represent a non-negligible expense. So does the programming time required to build the software, troubleshoot errors and solve user help tickets.
If you’ve been paying attention, you’re probably wondering the same thing we did when we realized this: What’s funding all of those free VPNs? After all, it’s not as if billionaire tech CEOs are secret superheroes who work by night to spread free computing services to the world. The companies that offer complimentary virtual private networks have to pay for them somehow. More often than not, they do so by selling your data.
What’s Really at Risk With a Free Service?
Most people who use VPNs do so for privacy reasons. Such usage may include tasks like using your payment cards to make purchases or sharing identifying information. In other cases, you simply want to get around censorship or prevent people from associating specific web traffic with your home or work computers. You could jeopardize everything by sticking to no-cost VPNs.
Your Entire Identity on the Line
When you use a free service, the fact that you’re not paying incentivizes the provider to steal your information. Think of it like walking into a store that was going out of business, declaring that you weren’t going to pay for anything and leaving your wallet on the counter while you sampled the wares. The shopkeeper might be tempted to take a look inside your billfold. Free VPN providers are similarly driven to open up a few packets here and there in search of digital riches.
As this analogy makes abundantly clear, free VPNs aren’t necessarily run by evil people. This fact doesn’t mean, however, that we’d advise placing your faith in their altruistic motives or ability to resist temptation.
Even if the company doesn’t outright take your information, it might sell data about the sites you visit and your habits to third-party advertisers that pay good money in return. The free VPN provider gets to keep their servers running, but all you get is a bunch of ads that are probably tracking you across the web. In other words, it defeats the whole purpose.
Bad Business Models and Worse Associations
Other free VPN money-making schemes are a bit more insidious. For instance, some companies have been known to sell their users’ bandwidth to offset the costs of running their services, and hackers have used such bandwidth to run botnets that attacked other sites. In other words, you could unconsciously be aiding criminal activity, which would draw precisely the kind of attention most VPN users prefer to avoid.
Struggling With Substandard Service Quality
Another flaw of free VPN services is that they aren’t as good as paid versions. To save costs and keep their profit-leaking vessels afloat, many operators impose service limits on users. For example, your virtual private network might be free yet restrict your bandwidth, slow your connection or even freeze your account entirely. These aren’t exactly the problems you want to deal with if you’re fighting an oppressive regime or trying to torrent a file.
The Final Verdict on Free VPNs
Cost-free VPNs are never as gratis as they claim. They simply pass on their operational overhead to their unwitting users. With VPN costs continually decreasing, our opinion — and the security industry’s — is that users who want to stay safe should pay for the privilege.