Monday, January 24, 2022 β€’ Welcome to the πŸ’― No-Nonsense Zone!

VPN Explained: Privacy, Security and How You Can Get It for Free

You might have heard of VPNs from some commercials. Hell, you might be even be using one right now and want to brag about how secure your network is. So what is VPN exactly? Is it all that good?

If you have these questions or, on the other hand, haven’t even heard of a VPN at all, you’re reading the right post. Here, you’ll find the necessary general information on this type of network connection for travelers — with the emphasis on travelers — and how to get one for yourself for free.

Most importantly, you’ll learn when you want to use a VPN and when not to. A quick hint: VPN is not synonymous with security or privacy or the lack thereof.

Dong’s note: I first published this post on April 1, 2019, and updated it on August 31, 2020, to add additional relevant information on using a VPN.

Asus GS AX3000 VPN
Many home routers can work as personal VPN servers or clients.

What is a VPN

VPN is short for the virtual private network. It is a method to create a virtual connection within a physical network structure to make a device at one geophysical location be part of a system at another.

Specifically, you can be thousands of miles away from home (or office), but the device you’re using in front of you, via a VPN, can be part of your home or business network. Thus, in effect, it’s like the device (and, therefore, you) were still at home.

2560px VPN overview en.svg
A typical VPN connection.

If that sounds odd, that’s because VPN is not normal. It’s for specific needs. So the question is, why do you want to be part of these complicated “shenanigans”?

Well, that brings us to the good things of a VPN, the reasons why we’d want one at all.

Benefits of using a VPN: Being part of a remote network

The main and possibly only advantage of using a VPN is that you can “spoof” your device’s online location or identity. In a way, you can hide it.

Hide from whom you might wonder. Well, from the network the device’s physically part of in real-time, or from other parties on the Internet (like a website or a streaming service), it’s accessing. It (kind of) doesn’t exist to the former, and to the latter, it appears to exist somewhere else.

So, for example, you’re now at an airport, and your device, say, a laptop, is connecting to free Wi-Fi. On top of that, it’s also connected to your home (or office) VPN, then the following will be true:

  • Privacy and security: Your device, for the most part, is invisible to the local network at the airport. Specifically, the computer of the guy sitting next to you that connects to the same Wi-Fi network will not “see” yours, nor will yours his. Whatever you do online is, for the most part, unknown to any parties at the airport.
  • Location masking: To the Internet as a whole, your laptop will appear to be at the location of the VPN server, wherever it is. As a result, among other things, you can access services available to the server’s locale. For example, you can be in Europe, connecting to a VPN server in the U.S, and watch Netflix shows accessible only to the U.S. audience.
  • Working remotely: When traveling, a VPN allows you to access your home/office network as though you were there.

So, in short, using a VPN, a remote device becomes part of the network at the VPN server’s location, no matter the physical distance between them.

Disadvantages of using a VPN: Being part of a remote network

Nope, it wasn’t a typo. The disadvantages of a VPN are precisely where its advantages are. A VPN is a double-edged sword. Having to connect to a third party before anything else means a couple of things:

(Note: This is with the assumption that you use VPN in its totality, which is the typical case of most users. There are advanced ways to use VPN selectively for particular services or devices of a network, etc. But that’s a different story.)

  • Slow speed, high latency: Since all Internet traffic goes through a remote server, the connection is now slower and with higher latency. Specifically, the download speed at the remote device will be the upload speed at the server’s end, at best. (It’s commonplace that the upload speed of a broadband connection is much slower than the download one.) In short, your device’s Internet speed and latency with a VPN connection are always worse than they are when without.
  • Privacy risk: The owner of the VPN server has access to all of your VPN-connected device’s Internet traffic, and possibly also the traffic of your local network. Keep this in mind before you opt for a third-party VPN service.
  • Extra work or cost: You have to set up a VPN server and maintain it or pay for a service.
  • Isolation: Depending on the configuration, the device might not be able to access certain local services since it appears to be part of a remote network. For example, if a device is in the U.S but connects to a VPN server in the U.K, it’ll reach the U.K market when you want to use Netflix. The same goes for online stores, etc.

The bottom line of VPN and when you should use it

So as you might have noticed. Using a VPN has nothing to do with security or privacy. It’s just a way to make you look like you’re somewhere else, and all that implies.

Assumptions about a VPN

The privacy and security notion of using a VPN is a big assumption that generally includes:

  1. The local network you’re using is not safe. That can be true when you use an unknown open free Wi-Fi network, though not always the case.
  2. The remote network (where the VPN server is) is safe. That’s likely true when you VPN into a home (or office) network, though also not always the case.
  3. The owner of a VPN service always means well. Now, this is almost always not true when you use a VPN service.

This assumption is the selling point third-party VPN providers often use to coerce you into thinking that you need to pay for a VPN service.

Read those three points above again and, once again, keep this in mind:

The owner of the VPN server may have access to all of your device’s traffic. If you get a third-party VPN service, not only that costs you a monthly fee, you’ll also give them access to your online activities.

The business of collecting user information via a VPN connection is so lucrative that many big companies give you VPN for free. Seriously, there’s so much a company can do with that kind of information.

That brings us to the next important part: When to use a VPN and when not to.

When to use a VPN

Again, a VPN allows for being part of a remote network, so you only need one when you’re not physically there. Most of the time, that means when you’re traveling or work from home.

In the former, you want to be isolated from the sketchy network you’re using, and in the latter, you want to be able to access your office’s resources.

Another situation where you might want a VPN is when you need to access a service not available at your locale. For example, if you’re in China and want to access Facebook, a VPN (located outside of China) will help.

Finally, when you want to hide your identity from the Internet service provider or any other party over the Internet, a VPN will also help. Note: I’m not advocating illegal activities here.

When not to use a VPN

Generally, if you don’t need to hide your identity or access some remote services/resources, there’s no need to use a VPN. Using one in this case only makes things worse.

I’ve seen many folks having a VPN installed on their home computer for “security purposes.” That’s completely unnecessary. In fact, you are doing so almost certainly at the expense of your privacy with nothing in return, especially when it’s a third-party VPN service.

Extra: Virtual Private Network (VPN) vs. Domain Name System (DNS)

While seemingly unrelated, you can’t set up a VPN server (or any network for that matter) without at least getting DNS involved.

Read this  How to Change Your DNS Server and Have Better Internet

DNS works like a directory service that identifies and points a device to the website you want to access. After that, your device will interact with the site directly, independently from the DNS server.

On the other hand, a VPN routes all of your device’s traffic through the VPN server at all times. Furthermore, a VPN server also uses a DNS server of its own. So if you use a VPN, you’ll likely use the DNS setting of the VPN’s owner.

That said, a remote device connecting to a VPN network will use the DNS server of that network. As you can imagine, whoever owns the VPN server can manage all aspects of your online activities.

Again, for this reason, Internet giants like Google, Apple, Cloudflare, and so on are all in the business of offering free VPN or DNS services. In this case, take free with a grain of salt since information about your connection — even when gleaned anonymously — is quite valuable.

Common ways to get the benefits of VPN

There are a few ways to get a VPN server. You can subscribe to a paid service, use a free one, or set one up on your own.

Using a paid VPN service

Using a paid service gives you ease of use and flexibility — you can use it for both mobile and regular computers. A paid service tends to promise to deliver fast performance, though that depends on many other factors like the actual location of the remote device.

The downside is, well, it’s not free. And, if a VPN service itself is hacked, which has happened, its privacy protection aspect is canceled out. And you only find out about this after the fact. Also, again, keep in mind that you’re giving away your online privacy.

That said, I generally don’t recommend buying a VPN subscription — mostly because you can get one for free. The truth is, you’re already giving away valuable personal information; why should you pay for it?

Using a free VPN service

There are quite a few free ways to get a VPN for mobile users. For example, if you use Google Fi phone service, a VPN is included for free. However, the best free VPN is that from Cloudflare, called WARP.

Touted as the “VPN for those who don’t know what VPN stands for,” WARP is easy to use. All you need is to install the app on your device — running Android, iOS, macOS, Linux, or Windows — and choose to turn the VPN on, and that is it.

WARP was initially introduced back in April 2018, a DNS app, giving users the option to use Cloudflare’s DNS address as their own. A year later, Cloudflare added the VPN function.

Cloudflare WARP
You can get Cloudflare’s WARP VPN set up on your mobile device via a few taps.

WARP is free to use, and Cloudflare promises to make your device more secure and faster access to the Internet. (There’s also a paid version called WARP+ that promises to be even better speed.)

By the way, Cloudflare promises to respect WARP users’ privacy. Here are what it says in verbatim on this matter:

  • “1. We don’t write user-identifiable log data to disk;
  • 2. We will never sell your browsing data or use it in any way to target you with advertising data;
  • 3. Don’t need to provide any personal information β€” not your name, phone number, or email address β€” to use the App with WARP; and
  • 4. We will regularly hire outside auditors to ensure we’re living up to these promises.”

If that’s not reassuring enough, you should consider making your own VPN server.

How to set up a VPN using a supported router

VPN is one of the most common advanced features for home Wi-Fi routers released in the past ten years. For example, almost all routers from Asus, Netgear, D-Link, TP-Link, and others have this feature built-in.

Asus GS AX3000 VPN
Here’s the VPN interface of an Asus Wi-Fi router. This particular one can work either as a server or a (Fusion) client.

Generally, to use a router’s VPN, you first need to set up Dynamic DNS, which I detailed in this post.

Read this  What Is Dynamic DNS and How to Set Up Yours

After that, using the router’s web interface, turn on the VPN feature, and create accounts for this feature. Depending on the model, a home router can handle three to 30 VPN clients simultaneously.

By the way, you’ll see three types of VPN servers: PPTP, OpenVPN, and IPSec VPN. These are different types of VPN protocols, with the PPTP being the most supported — you don’t need to install extra software to use it in most platforms — and, therefore, suitable for home users. But pick one that best fits your needs.

Now, set up the VPN connection using the information you’ve created at the remote device, including the Dynamic DNS address, VPN protocol and username, and password. Windows, macOS, iOS, and Android platforms have a VPN section that supports standard VPN protocols.

Extra: Ubiquiti TelePort VPN

Suppose you happen to use an AmpliFi Wi-Fi router from Ubiquiti, including the AmpliFi HD (make sure you use the latest firmware) or the Alien. In that case, you have another option for a personal VPN, called Teleport.

Ubiquiti’s Teleport is a sleek and dead easy to use VPN feature for mobile devices.

Teleport only works with mobile devices, and it’s super easy to use. First, you create a Teleport Code using the AmpliFi mobile app. Then, on a mobile device (or up to 10 of them), run the Teleport app, and enter that code. And that’s it, now that device will connect to the Internet using a VPN that links to the AmpliFi router.

The takeaway

Considering how easy it is to have a VPN, there’s no reason not to use one when traveling.

In this case, it’s best to use your own VPN server, but it’s also OK to use a third-party service when necessary. In this case, don’t use it all the time, but only when applicable.

The rule of thumb is when you use a local network of which the security you’re not sure, like one at an airport or a coffee shop, it’s a good idea to use a VPN. Or when you need to access something that’s not available to your current physical locale.

On the other hand, VPN sure is not necessary when you’re already in a safe zone, like a home or office network. The most important is that VPN is not synonymous with security or privacy, and using one willy-nilly can cause adverse privacy and security effects.

β˜• Appreciate the content? Buy Dong a Ko-fi!

23 thoughts on “VPN Explained: Privacy, Security and How You Can Get It for Free”

  1. Hi Dong,

    I’ve been using WARP for a couple of months when I’m out and about and love it. About a couple of weeks back though, I got a notification from Cloudflare that it will install a VPN profile to allow them to secure my internet traffic. There were the usual promises of collecting as little data as possible and never selling my personal information. Do you think it’s worth staying on WARP with the VPN profile thing? Or would I be better off using Asus’ Instant Guard VPN app which also comes free with its router?

  2. The ASUSWRT-Merlin site touts leveraging AES acceleration to improve performance of OpenVPN on the router. How effective is this in real world situations? Any benchmarks?

    Other than certain ASUS models, do other companies support AES acceleration with VPN? Would it be worthwhile to upgrade?

    • I don’t have any benchmark, Edan, since I generally use VPN only while on the road and just for myself. But it works. Also, VPN is not a big factor in how i evaluate routers.

  3. Good overview article. I am an Ex-Pat and live outside the U.S.

    I have a MESH WiFi network throughout our home. That MESH is connected to our FiberOptic internet service which is very good and reliable.

    I have a separate ASUS Router, centrally located in our home that is configured and connected to a VPN server in the U.S.

    We have our modern flat screen TV’s connect to the internet for streaming in two ways. The built-in TV Apps connect the TV’s Wi-Fi to the VPN Router so those App get U.S. content.

    We only stream. No ISP/cable TV service. We also have Apple TV units on those TV’s that connect directly to the internet along with our NAS drives for media content.

    Sometime VPN servers can bog down due to heavy traffic.
    When that happens, I use the nice ASUS phone App that allows me to switch VPN server to another one I have set up in the router.
    Before I had to hook the router directly up to a PC and use the web GUI to do the same thing.

    Home PC’s, phones, etc. can connect to either network for specific needs.

  4. I realize you are trying to simplify a complex topic but certain aspects of your article are a bit misleading.
    1) The software that provides the perceived increase in security is the NAT(Network Address Translation) that makes makes the internet see traffic as coming from the VPN endpoint instead of your home computer not the VPN per say. It gets muddled because “VPN services” typically do both as one bundle.
    2) Strictly speaking a VPN tunnel creates a (typically) encrypted link from your computer to another computer/network but doesn’t necessarily need to allow you access to the internet from that point. e.g. VPN from home into work to access work computers only, but not route the rest of your internet traffic through work.
    3) Most computers will allow you to route some sites through VPN and others directly to internet. It can be quite a pain to manage for multiple sites but can be done
    4) some routers now allow you to setup traffic to go through an external VPN service now

    • You’re correct, Joe. There are many flavors of VPN and things are about nuances. The gist of the post, though, is that most of the time, we, as home users, don’t need VPN, especially when we’re home, or don’t need it for what we’re made to believe that we do.

    • I agree with Joe’s post. The security aspect of VPN’s when connected to insecure networks cannot be overstated. It never ceases to amaze me how many people I see in airports and coffee shops connected to public networks and logging into email or internet sites, apparently oblivious to the danger that creates. All should be urged to utilize a VPN or an alternative to protect their online activity outside of their home network.

  5. Hey Dong, are there any routers yet with support for WireGuard? VPN support seems to be a pretty standard feature, but if I am going to run a VPN at this point I want it to be WireGuard. Seems weird that routers are so slow to add support.

    • WireGuard is very new, Tyler. My guess is it’ll be a while before it’s implemented within a router’s firmware.

  6. Hi Dong. I use a VPN router to connect my Satellite TV box to use the services from my home country. I also connect to the same router for normal internet usage. The problem here is the speed has been reduced because of the VPN. Is it possible to fix the VPN to one band to connect to the TV and leave the other band free and unfettered to offer greater speeds for the rest of my internet work?

  7. In my view, creating your own vpn requires skilled staff to set up, and it has some disadvantages… and you won’t be able to unblock web content as you route traffic through your local IP / all paid providers offers a huge variety of servers from all over the world. So all in all I would prefer going with verified providers.

  8. I can’t scroll on the page… because “content copy disabled” even tho I can copy the content on my non-jailbroken phone using Safari 🀨

    • Thanks for letting me know. I’ll fix that. By the way, you can scroll if you rest your finger on the text part (and not a photo).


Leave a Comment