Using a VPN to protect your online privacy is the single most given piece of advice. This advice can be observed millions of times all over the internet. This advice, honestly, is so bad. It’s borderline malicious or just plain stupid. All the people who follow up on the advice, at best, end up with a false sense of security or even in a worse situation than without a VPN at worst.
VPNs (Best Free VPN To Protect Your Privacy in 2020) are very ubiquitous nowadays, yet they have never been so unnecessary. The present market is incredibly saturated with VPN providers. VPN ads are so common now that there are more YouTube sponsorship deals for VPNs than there ever were for Squarespace. I don’t have any problem with people promoting VPNs or trying to make money with VPN affiliate links; the actual problem is how VPNs are being sold to people and how damaging this marketing practice is.
In this article, I’ll be bursting some of the most common and damaging myths about VPNs.
You can still use a VPN if you are willing to do so but do it for the right reasons and with the right expectations. I use VPNs too, but I know their limitations and adjust my behavior according to them. VPNs, unequivocally, do have their use cases, but none of them involve wearing an anonymous mask. Everybody knows you wear a mask to serve the dark web.
Myth #1: VPNs Make You Anonymous.
The most ordinary and deceptive claim I’ve come across is that using a VPN makes you instantly anonymous. Think this way: how can you ever claim to be anonymous if there is a group of people you’ve never seen who know who you are, where you are, and what you are doing online? In addition, you might have seen that many VPN providers make big claims about hiding your IP address, which is in turn supposed to make it impossible for someone to see your traffic or know your true IP address, but except for the VPN provider.
VPN providers get to see your IP address and what servers you request. If Edward Snowden ever used a VPN to leak the NASA documents, he’d get caught before he even thought about stealing those documents. Yet, very few VPN providers are actually honest about the fact that they are just your single point of failure you’re paying for with your money or data or both.
VPN providers make broad marketing claims about the no-logs policy, which doesn’t mean anything because every network operator keeps a few logs for at least some time. This is like private instant messaging apps claiming that they have no metadata policy, which is impossible. Some basic information about the requests you make has to travel through their servers, and you’ll never get a chance to find out what they actually keep in their records and for how long unless they are kind enough to disclose that information written in plain English somewhere in their privacy policies.
Even if your VPN provider does everything right and even if they delete all the logs immediately from their records, even then, you’re still entitled to have no expectations of anonymity. By making use of a VPN, you’re only rerouting your traffic through a single entity.
Advanced observers like big ISP companies (google, amazon, or your government) can easily correlate to the timings between you making a connection to a VPN server and with that server making a connection to a website you want to see. A VPN technology does nothing to mitigate these correlation attacks. Anonymity with VPNs is technologically an impossible concept.
Myth #2: Using a VPN protects your identity.
This myth results from the perpetual bombardment of false marketing performed by almost all the VPN companies claiming to make you anonymous, promising instant privacy and security, hiding your identity, and more. In reality, the only two key things that a VPN does are hiding your IP address from the sites you visit and encrypting your traffic within its tunnel.
The main thing that is really happening here is shifting your trust from your internet service provider to the VPN company. Just downloading a VPN to your system and expecting it to magically protect your identity is a complete joke. It’s not that simple. Anyone claiming immediate privacy and anonymity through a product is lying to you.
Myth #3: VPNs encrypt your traffic
You will hear this myth illimitably that VPNs encrypt your traffic by not just using any encryption, but it’s military-grade. But guess what, it isn’t 2004 anymore. Almost everything presently is encrypted by default. You may thank Edward Snowden for this when, back then, he had revealed the secret documents of NSA surveillance, and everybody freaked out as a result and started encrypting everything. Your Wi-Fi network is encrypted, and so is almost every website that you visit with HTTPS. Transport layer encryption has become a standard for today’s apps and connections.
For those websites/apps or connections that aren’t encrypted, VPN encryption will not change anything. Why? Because VPNs aren’t meant to just encrypt your traffic, but they also decrypt your traffic. So, when your packets leave a VPN server, they’ll lose all the shiny military-grade protection that you were duped into paying for. And if you want to protect your traffic, don’t just go to any unencrypted website.
Myth #4: VPNs make you private.
As soon as I state that VPN encryption is redundant, there are going to be plenty of comments on how VPNs make your traffic invisible to your internet service provider and the government. Mortals say this because, indeed, your ISP does not immediately see what domains you are visiting, and those domains don’t immediately see your IP address. But VPNs only address one single issue in a massive pile of problems with mass surveillance.
Your ISP or the government both have several options to figure out what websites you visit with your VPN, including the previously mentioned correlation attacks, tracking scripts on websites and inside apps tracking your device identifiers or browser fingerprint, or they can even just go to the VPN provider and ask them for your data.
Numerous VPN providers or servers reside in jurisdictions where law enforcement or private entities can request access, and VPNs have to comply with it, or they sometimes just comply willingly. Virtual Private Networks were not designed for privacy. They weren’t even designed for consumer usage. VPNs were solely designed for businesses to have secure communication between remote offices and workers back in the day when most of the traffic on the internet was not encrypted.
Because all the VPN providers inherently get to see your IP address and know what connections you are making, you have to blindly trust them with your data in a similar way you trust your ISP. It’s not just your VPN provider you have to delegate trust with your data to; it’s an undisclosed amount of third parties that most VPNs are renting their server from. It’s up to their privacy policies if they log your activity or not. Newsflash, most of the providers are logging.
Myth #5: Using a VPN stops Facebook from tracking you.
“Making use of a VPN prevents an X company from tracking you,” this is perhaps the dumbest myth on the list. But in reality, using a VPN changes nothing when you are exposed to advanced trackers. A tracker is going to track the IP address that these VPNs so viciously protect. It’s just one out of hundreds or thousands of data points that can be used to identify and track you.
Your account ids, device ids, cookies, social media accounts, cache, hardware configuration, system version, software configuration, screen resolution, battery like keystroke patterns, camera, microphone, Bluetooth cellular, Wi-Fi, credit card, contacts, metadata, data collection is still happening with or without a VPN.
Read also – How to Stop Facebook From Spying on Your Internet Activity https://www.pcmag.com/how-to/how-to-stop-facebook-from-spying-on-your-internet-activity
Myth #6: VPNs Should be Combined with TOR
This is another common myth that is frequently marketed by VPNs themselves as either being compatible with Tor or going as far as including Tor into the VPN itself. Combining Tor over a VPN is useful when you want to hide Tor usage from an ISP or circumvent the Tor network’s censorship. But Tor bridges also do this without reliance on a VPNs single point of failure and payment trail.
As for VPN over Tor, it will help you correlate all of your traffic to a single VPNs IP address and break the Tor anonymity model, thus making it a hard thing to recommend. In reality, if you don’t know what you’re exactly doing, you should probably not combine Tor with a VPN.
Its complexity is pretty thorough and holds several configurations with different pros and cons, which you shouldn’t be bothered with unless and until you need to know what you’re doing. Tor is a great tool that will independently more than protect almost every threat model, and there is no need for a VPN to be a part of that equation. This same thing also applies to VPNs that offer Tor over VPN. Just don’t use it. Instead, make use of the VPN when you are using a VPN, and make use of Tor when you’re using Tor.
Myth #7: VPN hides your location.
It’s often touted that using a VPN hides your location from Ben Shapiro, and as much as I wish it was true, it’s not. An IP address is just one metric from tracking a person’s location, which is not a very precise one. In addition, all the radio signals can be used to track your location, including cellular, Bluetooth, and GPS, none of which using a VPN does anything with. But, you might object, saying, “I use a VPN on my laptop, and there is no GPS or sim card, and I can disable Bluetooth” you surely can do it.
However, if your devices like laptops and mobile are close to each other and if you have an app with Facebook SDK on your phone, your devices can be linked using various techniques that can confirm that both devices belong to you.
If you have an app with Facebook SDK on your phone, it can trace the cellular connection or GPS diffusing from your mobile phone. So, suppose you browse a website having a tracking script of Facebook using your Laptop. In that case, this tracking script can use some of the functions of your Laptop like the speakers and microphones to communicate the particulars among themselves. If your mobile device has an active GPS or a cellular connection, it can be linked to your VPN Laptop.
This enables Facebook to link your mobile device with your browsing activity on your VPN laptop, obtain information regarding your real-time location, and easily identify you as a VPN service user. In many use cases, the VPN service can be replaced with a more free and open source and with an actually anonymous TOR network from paid and untransfer VPN service. However, there are also some use cases for a VPN service, in which TOR is proved to be insufficient for streaming HD videos, torrenting, and gaming.