Are VPNs Safe? Here’s Why & How You Should Choose Yours Carefully
Virtual Private Networks (VPNs) have become quite popular over the last several years as they help internet users restore privacy and security, among many other uses. However, there have always been concerns about the level of security that VPNs offer, especially when it comes to the free ones. What happens to your data after you tunnel it through their network?
Well, in a nutshell, whether you remain safe or even get in more danger depends on the VPN you choose. Some VPNs do well at providing privacy and security such that even if a government raids their servers, they can't retrieve any useful information. Others collect your data, store it on their servers, and even sell it to any interested third parties.
In this guide, we help you answer whether VPNs are safe by looking at the dangers of free VPNs and the security factors you should consider when choosing a VPN.
The guide also looks at:
- How VPNs provide security
- Why you should choose a premium VPN
Table of Contents:
- How VPNs Ensure Security
- Are Free VPNs Secure?
- 7 Reasons Why You Should Avoid Free VPNs
- What Factors and Features Make a VPN Safe?
- Why You Should Choose a Premium VPN
- Wrap Up
When you connect to a VPN server, the VPN encrypts your entire internet traffic and securely tunnels it through an encrypted tunnel to the VPN's server. This server then spoofs your IP address and connects you to the internet, making it appear as if you are located where the server is located.
The encryption provided by your VPN ensures that nobody snooping on your traffic, including the government and the ISP, can know what you are doing on the internet. It also ensures that no hacker can intercept the traffic to steal your data, meaning that everything you transfer on the network will be safe.
Image source - pixabay.com
Finally, the fact that you have a new IP address means that everything you do on the internet will not be directly associated with you. The IP address is shared between hundreds or even thousands of users in most cases, so your online identity remains anonymous.
However, remember that the level of security, privacy, or anonymity you get depends on the VPN you are using, as they are built differently and use different standards.
Free VPNs are very popular as they offer users the chance to gain several VPN benefits without spending a penny. However, the problem is that these VPNs also have to meet their operational costs and make a profit. After all, they are not run by charities. This results in lots of dangers that we shall look at shortly.
Apart from that, these VPNs have to operate without depending on subscription income. This means that their budget is trimmed, and they’ll try as much as possible to keep their expenditures down. Unfortunately, this also means compromising on security. Free VPNs don’t have the features and functionalities that make a VPN secure, so you can't be sure of the level of security you are getting.
- 1. They compromise your security
- 2. They track your online activities
- 3. The sell your data
- 4. They target you with ads
- 5. They are blocked by various services
- 6. They slow down your internet speeds
- 7. They limit your data
Below are several reasons why you should stay away from free VPNs.
Security was the main reason behind the creation of VPNs. However, as the internet evolved, these tools became even more popular as they provide many other functionalities such as changing IP addresses and unblocking content. Free VPNs tend to focus more on the other functionalities, as most users can't tell the level of security a VPN offers at the end of the day.
A study conducted by CSIRO found that 18% of the 283 free Android apps tested didn’t even encrypt user data, despite stating that they do so. This means that such VPNs give users a false sense of security while still being vulnerable to attacks and eavesdropping.
Apart from that, free VPNs don’t provide advanced security features. Further, they do not have the budget to enforce strong data protection methods, and SuperVPN, GeckoVPN, and ChatVPN recently proved this. The three free VPNs left their servers poorly configured and exposed records of over 20 million users. SuperVPN had previously been banned from Google Play Store after it was exposed to be a tool for hackers to exploit Android devices.
A VPN is supposed to hide what you do online from your ISP and any other snooping eyes. However, in the case of free VPNs, you’ll just be transferring the data from your ISP to them. These VPNs tend not to offer a zero-log service, even when they promise to.
This means that when you use such a service, you won’t really be private or anonymous. The VPN can see everything that you are doing, and in case of a legal proceeding or even when a copyright troll comes knocking, that data can be used to identify you.
If you are not paying for it, you're not the customer; you're the product being sold.
Data is the new gold, and anyone that has your data can make a ton of money off it. This is even more lucrative if a company can get people to give out data about their real identity, location, and online habits. That’s what free VPNs do. After they collect your data, these VPN services can sell it to marketers who can use it to target users or even governments that want to track users.
The latter is even scarier when you consider that lots of these free VPNs are owned by Chinese companies. The VPNs tend to state Singapore and Hong Kong as their countries of registration, but owners of the parent companies are usually from Mainland China. For example, according to a recent study, Innovative Connecting has three subsidiaries, and together they run more than ten free VPNs. The company is owned by a Chinese billionaire. Considering that China doesn’t allow VPNs, are these just tools used to collect data?
Most VPNs register malware when you run their apk files on Virus Total. This malware is mostly adware, and it's used to bombard users with ads in exchange for the free service. This can get quite annoying and lead to a lot of overhead.
The fact that they show ads also means that they are tracking you and most likely using other illegal means to generate income through your connection. For example, in 2017, Hotspot Shield VPN received an FTC complaint for using over-the-top privacy violations to serve ads. This was only done to users of their free VPN service.
Free VPNs are used by millions of people worldwide, and thousands of users usually share a single IP address. This leads to the IP address being blacklisted by various sites as it is associated with lots of activities, some of which may even be illegal. This is worsened by the fact that free VPNs only have a few servers being shared by everybody.
Considering this, you may end with a poor online experience as the IP address will be blacklisted by lots of sites. Even on Google, you will have to fill lots of captchas as your traffic will be identified as part of a bot network (t0o much activity).
The fact that free VPNs only have a few servers that are available for everybody means that thousands of users will be crammed in one server. This automatically results in slow speeds, especially considering that free servers don't have much bandwidth.
Apart from that, free VPNs may also intentionally cap your speeds to force you to upgrade to their premium service. Some of them only give up to 3 Mbps.
Another tactic that these VPNs use to force users to upgrade is limiting the amount of data they can send over the network. Free VPNs typically set a limit between 500 MB a day and 10 GB a month. This amount of data can only be useful if you want to browse lightly for a short while.
- Recommended Encryption Standards
- A Zero-logs Service
- A kill Switch
- IP & DNS Leak Protection
- Secure Protocols
The security and privacy offered by a VPN depends on the technology it uses, its policies of operation, and the features offered to curb any potential exposure on the client side. Here are the core considerations for a secure VPN.
A VPN encrypts data before it sends it, but the security of the encrypted data depends on the algorithms (ciphers) used. These ciphers are responsible for encrypting your data, establishing a secure connection to the server (handshake), and authenticating data and SSL/TLS connections. The security of each cipher depends on the key size used.
AES (Advanced Encryption Standard) with 256-bit keys is the gold standard for encrypting all user data. The cipher is very secure, and it would take billions of years to break it. Handshake is typically done using RSA (Rivest-Shamir-Adleman) algorithm, with RSA-2048 being the currently secure version. SHA-2 (Secure Hash Algorithm 2) is the recommended authentication standard.
When you connect to a VPN, the tunnel created only goes up to the VPN’s server. This means that whatever you access through the server is visible to them, and they can also see the IP address you used to establish a connection to them. In short, they have everything about you and your activities, and your privacy depends on how they handle the information.
A VPN can always disconnect because of a malfunction or a loss of internet connection. Before it reconnects, your data is usually exposed to the ISP and any other online service that you may be connected to. This is a huge risk, especially if you often carry out sensitive tasks such as torrenting.
A kill switch helps ensure you stay protected by discontinuing all internet connections until your VPN reconnect, meaning that there’ll be no period when you are exposed. A secure VPN needs to provide this functionality, and you also need to test it to ensure it works.
IP and DNS leaks always happen, especially if you are on a Windows PC. An IP leak exposes your real IP address to an online service, and this address can be used to trace you or find details about you. DNS leaks, on the other hand, send your DNS requests back to your ISP, exposing the websites that you access.
Before you choose a VPN, ensure that it provides IP and DNS leak protection. These features are usually found under advanced settings, but some VPNs integrate them automatically. Ipleak.net can help your VPN to ensure that it doesn’t have any leaks.
VPN protocols are responsible for tunneling your data to the VPN server. Just like with encryption ciphers, the protocol used also determines the security and reliability of the tunnel.
The most recommended protocol for VPNs is OpenVPN due to its superb balance of security and speed. However, you can also use other newer protocols such as WireGuard and IKEv2 as they are secure and fast. A secure VPN should provide at least one of the above. Avoid PPTP and L2TP as the former is insecure while the latter is slow.
- Faster Speeds
- Solid Privacy & Security
- Unblock Netflix & other Streaming Services
- Bypass Censorships
The VPN industry is very competitive, and premium VPNs try as much as possible to outdo their competitors by providing a superior service. This ultimately leads to better services for the user.
Premium VPNs invest in superior infrastructure, apps, and technology. These VPNs usually have high-speed servers that are spread all over the world to ensure that there's always a server near you. The servers are also many to provide optimal online performance.
Premium VPNs are dedicated to ensuring privacy and security. Most of them use the recommended security standards, and they don’t log any user data. Some like ExpressVPN have even switched to RAM-only servers to ensure no user data is ever written to the hard disk. They have also had third-party auditors confirm their no-logging claims, so you can be sure that your activities can’t be traced back to you.
Streaming is a huge reason for choosing a VPN today. However, only a few VPNs can provide the functionality as most streaming services block VPNs to comply with licensing agreements. This is true for the likes of Netflix, BBC iPlayer, Hulu, Disney+, DAZN, and many more.
Nevertheless, the best streaming VPNs can bypass these blocks by frequently refreshing their IP addresses and using advanced unblocking technologies on their servers. Some VPNs provide dedicated streaming servers, while others can unblock these services using pretty much any server.
If you like streaming on a device that doesn't support VPNs, such as a Smart TV or gaming console, you can choose a VPN that offers a Smart DNS service.
Government censorships are on the rise, and if you reside in or are traveling to a country that imposes such regulations, you will need a premium VPN that can bypass them. It's important to note that these countries also block VPNs, so most VPNs won’t be effective.
To bypass censorships, choose a VPN that offers obfuscation or scrambling features. The two disguise VPN traffic to make it appear like regular HTTPS traffic, bypassing deep packet inspection (dpi). The features are only found in premium VPNs.
So, are VPNs safe? Well, as you have seen above, the security you get depends on the VPN you choose. As a rule of thumb, avoid free VPNs as they compromise your security and can even worsen your online experience. To ensure maximum privacy and security, go with a reliable premium VPN. These VPNs require an active subscription, but they provide lots of functionalities that ensure that you get value for your money.