What is a VPN

At a simplistic level, a Virtual Private Network (or VPN, as we shall refer to it going forward) is a method of connecting to private and public networks.  A VPN uses cryptographic techniques to encrypt and encapsulate the data sent along the connection; this data can only be decrypted by the endpoint devices.  By endpoint device, we mean a computer that sits at either end of the encrypted connection.

With a VPN, this end-to-end connection is created in such a way as to ensure your security and, more importantly, your privacy.  Privacy and security are delivered by using cryptographic algorithms to encrypt the data between the endpoints.  Sounds complicated? It is, but don’t worry about it.  In most cases, your computer does all the hard work, and all you have to do is:

  1. Install or configure an application.
  2. Input a username and password.
  3. Connect the VPN. Don’t worry about this; you don’t have to plug anything in, you usually just have to click a button. Simple.

The most common use of Virtual Private Network technology is on the internet, connecting up to secure websites.  What’s a secure website, you ask? Have I missed something? Relax, you haven’t. When you connect to a website you use a protocol. Sounds painful, yeah! What is a protocol? In this situation, it is a clearly defined way of passing information between two applications: your web browser and a web server.  The most common protocol used is HTTP (HyperText Transfer Protocol). It’s been about almost since the start of the internet, and it passes information in cleartext.  Cleartext is not invisible, as the name may suggest; it just means you can, with the right software, look at the information and pick out text.  Cleartext is fine for a lot of applications. Who is really bothered that you are reading a sports report from last night’s game?

However, if you are accessing your online banking, buying from Amazon, or logging into your electric service provider, passing your username and password in cleartext would not be good. A hacker could look at the information you are sending back and forward and pick out your username and password; they could then maliciously access your account. The solution is to use a secure version of HTTP called, wait for it, HTTPS. This protocol encrypts traffic between your browser and the web server.  So if someone does see the information going backwards and forwards, all they get is a lot of random characters. It’s kind of cool, I think. HTTP is being phased out and replaced with the more secure HTTPS.  All banks should be using HTTPS already.

HTTPS is a certificate-based connection that negotiates a secure connection between the browser and the endpoint server.  This type of connection is symbolised in your browser by the padlock or by the address being green.  But always check the address, and never go off a link sent to you in email unless you are sure it’s correct.
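The "always check the address" advice above can be written out as a check. This is an added example, not part of the original article: the function name `check_link`, the expected host `bank.example` and the sample links are constructed for illustration, and accepting subdomains of the expected host is an assumption.

```python
from urllib.parse import urlsplit


def check_link(url, expected_host):
    """Return the reasons a link should not be trusted; an empty list means it passed."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return ["address cannot be parsed"]
    expected = expected_host.lower()
    problems = []

    # The padlock only appears for HTTPS; plain HTTP sends the login in cleartext.
    if parts.scheme.lower() != "https":
        problems.append("not HTTPS")
    # In https://bank.example@other.test/ the part before '@' is a login name,
    # so the browser actually goes to other.test.
    if "@" in parts.netloc:
        problems.append("text before '@' is a login name, not the site")
    # Internationalised names can contain characters that look like other letters.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        problems.append("internationalised name (possible lookalike)")
    # The name is read from the right: bank.example.evil.test belongs to evil.test.
    # Assumption: subdomains of the expected host (www.bank.example) are acceptable.
    if host != expected and not host.endswith("." + expected):
        problems.append(f"host is {host!r}, not {expected!r}")
    return problems


# Constructed sample links, using reserved .example/.test names.
SAMPLES = [
    "https://www.bank.example/login",
    "http://www.bank.example/login",
    "https://bank.example.evil.test/login",
    "https://bank.example@login.evil.test/",
    "https://xn--bnk-constructed.example/login",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_link(link, "bank.example") or "ok")
```
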

Another common use is by corporations or organisations to protect the transmission of sensitive data; this is typically for end-users, who connect up to their corporate network over the internet. In this scenario, a VPN client on the user’s device connects to a VPN server; this is a very secure, internet-connected server usually protected by a firewall.  It allows the end-user to connect to services and data on the corporate network, over the internet, in a very secure manner as if they were directly connected to the corporate network.

The question most likely going through your head at the moment is this.

“I can understand the HTTPS and VPN stuff for online banking and corporations, respectively.  But why would I want to use a VPN?” 

Let me outline the various reasons and uses; this is not a definitive list by any stretch of the imagination.

  1. Privacy. Many people have serious concerns about:
    1. Governments using technology to monitor what they do online.
    2. Tech companies reselling user data; this can be browsing history, purchases made or websites visited. You may have noticed that if you look for, say, shoes using a search engine, some of the adverts on websites you visit may be for shoes or related products.
    3. Criminals or hackers using technology to access what we do online for a whole range of reasons, including identity theft and fraud.
  2. A VPN can allow access to content not available in the country or state of origin.
    1. In some countries, it is illegal to access news websites and other sites, for example social media such as Facebook and Twitter, that are not friendly toward the regime’s point of view.
    2. For copyright or licensing reasons, e.g. the content available on Netflix USA may differ from the content on Netflix UK.