• Quiet Red Media

It's a Wild, Wild Web #1

Updated: Aug 2, 2019

VPN Crash Course: A Little About VPN Software and Their Providers


Disclosure: Hello people! Just so you know, this post includes affiliate links, which earn us a commission (no extra cost to you). This is one of the things that helps us run this little shindig. You can read our full disclosure here. Now, enjoy the read!



VPNs… What are they? What do they do? How do they work? Why am I asking so many questions? Let’s get into all o’ that! Get ready for acronyms galore.






Many of you out there have probably heard of a VPN. However, I’m sure some others have no idea what I’m talking about. So, this time around, I’m going to be talking about that.


What is a VPN?


VPN stands for Virtual Private Network. That’s a fancy way to describe a network of servers hosted and maintained, usually by another party, that you then remotely connect to and move your web traffic through.


Confused yet?


Let me break it down a bit further. See, when you use a VPN, you’re sending your web traffic through the VPN host’s network of servers, effectively bypassing your internet provider. The intended result is to hide your personal IP address and anonymize your internet activity. Even from your ISP.


Now, some of you might say to yourselves, “Why does my left toe itch when I scratch my nose?”… wait, no… that’s probably just me. All right, but you might think, “Why would I need to hide myself from anyone? I’m not doing anything wrong.” Well, I’ll tell you. For the same reason you’d close your blinds at night, or shut the door when you take a shower. I’m talking about privacy, baby.


This is about, not only your privacy, but your piece of mind. That same reassurance that occurs when you shut that bathroom door or draw those blinds. You know you’ve solved a problem and given yourself a little layer between you and any prying eyes. So, why not do the same for your virtual self? They need love, too!


Still with me?


Okay, good. I was worried about you… You were drooling. Anyway, my point is this, if it were as easy as shutting a door or closing your blinds, would you take the necessary steps? I know I would. Well, let’s be real, it’s not quite that easy. But it is far from difficult! As the digital landscape moves forward at the rapid pace that we’ve all come to love, these things have become far more accessible. You no longer have to be a tech geek or have an IT professional in the family. So, you can go ahead and drop your cousin Gary from the holiday invites. We all hated Gary, anyway.


With just a little research, you too could become a well-informed, internet savvy badass! But, that’s why I’m here… so you don’t have to! I’ll give you some places to start, so you can shut those blinds for yourself. I’ll try to break this into easy-to-digest pieces.


To start, there are a few points to consider when looking for a VPN.


1. Jurisdiction

2. Privacy Practices

3. Reliability

4. Server Choices

5. Security

6. Fail Safes

7. Ease of Use

8. Bonus Goodies


More than a few things to bear in mind, right? So, let’s get into it.


Jurisdiction


The location of the VPN company’s operating headquarters is something to take into consideration. All international privacy practices were not created equal!


Let’s put it this way: Let’s say you have a tasty homemade cookie and you need to give this cookie to someone to take care of while you save a dog from a well. (Look at you, all heroic and stuff.) You have Timmy and Becky. Timmy is a great friend and totally trustworthy. But ol’ Tim has a notoriously nosy and hungry cat. Becky, on the other hand is just as trustworthy, but Becky has no curious, nosy or hungry animals of any kind. Which would make the most sense? Timmy is a good guy and all… but you just can’t trust that damn cat. So, Becky it is!


Okay, that was a long and unnecessary analogy, but I think it gets the point across. There are some governments around the world that have somewhat iffy privacy practices, and others still that are downright dubious. Those hungry bastards.


In the world of privacy, there is a certain grouping of governments that have a policy of sharing information and intelligence with one another. Some otherwise know this as “mass surveillance”. I won’t get into the details of that, specifically. What you need to know is that there are three groups known as the Five Eyes, Nine Eyes and Fourteen Eyes, respectively. These groups consist of the following nations:


  • Five Eyes: Australia, Canada, New Zealand, United Kingdom, United States

  • Nine Eyes: Denmark, France, Netherlands, Norway

  • Fourteen Eyes: Belgium, Germany, Italy, Spain, Sweden


In short, avoid these, if possible. The basis for this agreement lies within the Five Eyes and expands into each category thereafter, making the Five Eyes the most aggressive and the Fourteen being the least (other than those not within any of the listed nations). At the very least, it’s a worthwhile rule of thumb to avoid choosing any provider from the US or UK. Among other things, gag orders are a factor, and even if the company has good policies in place, they could be put between a rock and a hard place and you’ll never know until it’s too late.


That sounded a bit scary... All I’m sayin’ is, do some quick research and look into where the privacy software is coming from. It matters.


However, I personally use a provider from one of the Fourteen Eyes, but their privacy practices are stellar. We’ll get into that a bit more, next. And thank hayzoose… If I write the word “eyes” again, I’m gonna puke.



Top pick outside the Eyes:

  • ProxySh


ProxySh is a notable VPN provider based outside the Eyes, in Seychelles. A solid service that provides many other features to help you stay safe and secure online. They even offer refunds, should you decide to go another route.



Privacy Practices


After you are aware of what jurisdiction your prospective VPN providers are in, next you’ll want to dig into their privacy practices.


The main thing to pay attention to here is data logging. Some VPN providers log certain information gathered from their users. This information can then be passed on to those damn nosy cats (Remember them? They remember you!). Depending on where their jurisdiction lies, they may be legally compelled to share information if it’s requested. But wandering whether they share information or not becomes a bit less worrisome if they don’t have any to begin with.


This bit just takes some due diligence on your part, as a consumer.


Look, nobody likes reading policy pages, but that’s where the meat and potatoes lie. There are some providers that take a staunch position on trying to provide true privacy and do indeed keep no logs, or at least only keep those needed to use the service (and sometimes only temporarily). So, even if they were ordered to hand over all information, it wouldn’t matter. Again, it’s not about whether you’ve got something to hide. That kind of detail is simply, for me, what fosters trust in a privacy tool and/or provider.


Beware that some will say that they do not log data but have contradictions in their written policies. Pay attention to this and don’t be fooled!



Top pick in privacy practices:

  • HideMe


HideMe is another solid service, based out of Malaysia. They have a strict zero log policy. Not just “no log”, but ZERO. That’s a bold claim, and they seem to back it up with a robust VPN package that does exactly what you need it to.



Reliability


Reliability is an aspect that can’t be overlooked. A good VPN should provide competitive speed, availability and connections.


The speed needs to be sufficient for whatever you’re using the connection for. Everyone has their own needs, here. Personally, I’ve never had a huge problem with losing some speed when connected to my VPN, as long as it’s not detrimental to what I’m doing. Take this for what you will and do your research on what kind of speeds your prospective providers offer. There are some pretty big differences in speed between VPN providers.


Another detail to take a look at is the number of device connections you can have while using your VPN. For me, it wouldn’t be passable if it only allowed one or two connections, concurrently. I use, at minimum, three devices, all connected to the internet. This will be different for everyone and some of you may be fine with a lesser number of connections. It’s just a small caveat to consider.


Oh, and word of mouth counts here, too. People will generally tell you when they have a bad experience with a product. It wouldn’t hurt to ask around or sift through some reliable resources.


I’ll lead into the next section by mentioning the number of servers and countries offered by the provider. Let’s take a look at these, next.



Top pick in reliability:

  • NordVPN


NordVPN is a very popular VPN, and for good reason. They provide a number of excellent features and a very nice service. Nord makes use of fast speed servers, unlimited bandwidth & data, 24/7 support, and allows a staggering six simultaneous connections.



Server Choices


So, you're still here? Kudos to you! Let’s continue with our riveting editorial here, shall we?


As I mentioned before, the amount of servers offered is something worth looking into. It’s worth noting, not only how many, but where these servers are located.


Here’s why.


Put simply, the more servers there are to choose from, the more options you have. If, for instance, you have issues connecting to a particular server, it’s always good to have backups and alternatives. This also plays into the above section a bit. The speed of your connection can be affected by where the server you’re connected to is actually located. If a provider only offers a handful of servers, they might not have anything within a reasonable location for you. Duh… geez, I thought you were following. Keep up!


This could be a hassle to you, especially if you’ve paid for a service, and even more so if you’ve paid in bulk for several months at a time. Keep in mind things like censorship, as well. If you’re someone who is trying to bypass restrictive firewalls and the like, having the right server locations to choose from really makes a difference. There are many potential benefits to having your traffic look as though you’re in a certain region (ahemstreaming). We won’t name names.


One more thing.


The last point here is whether the servers your VPN provider uses are virtual or dedicated servers. I’ll make this one easy and just say that having a dedicated server is ideal. It means the server and the data on it is specifically allocated, owned and not shared. That’s a good thing. And there’s my segue into the next section… boom.



Top pick in server choice:

  • EarthVPN


EarthVPN has servers in 54 countries, with 190 physical locations. They provide a strong VPN that includes offshore servers, capable of P2P traffic.



Security


Ah, now we’re getting to the good stuff. Obviously, this one can’t be overlooked. The security methods used by a VPN provider are what set the low tier providers apart from the worthwhile offerings. The types of encryption used are a big deal in digital security. Don’t just take them at their word when they make claims of “military grade” protocols. That’s a vague statement and can be true or false in a variety of ways. For a VPN to be considered worth its salt, it needs to be up to snuff with its encryption methods.


If you want to play it safe, go with a VPN that provides a good default data encryption, such as AES-256. AES (advanced encryption standard) is the one to look for, here. Look for the “256”, as well. This number denotes the block size (the length of the bit string). The higher, the better. A block size of 128 (AES-128) is passable. You should be able to find this information on the provider’s website, or in their documentation. Look for the nitty gritty specs for the VPN software and have a gander.


You’re loving this, I can tell. I know, it’s exciting stuff. Let’s keep it rolling!


Yet another type of encryption relevant to VPNs is the “handshake encryption”. This is essentially how the connection is validated to provide a secure connection. It helps avoid you potentially connecting to a bad actor and being attacked. For maximum protection, look for RSA-4096.



Top pick in security:

  • ExpressVPN


ExpressVPN is a well known provider with excellent built-in security. They have all the bases covered – AES 256 encryption, DNS leak protection, kill switch, the whole shebang.



Fail Safes


When things go wrong, it’s best to know you’re covered.


VPNs aren’t perfect and sometimes they leak information. This is hard to avoid, but what matters is that there are systems in place to deal with these things. One of the biggest worries here is what is called a “DNS leak”.


A DNS leak is what occurs when the service reveals your DNS (Domain Name System) requests. This means that your traffic is no longer concealed and anyone, such as your ISP, could see what websites you’re visiting.


This should be addressed by the VPN provider with leak protection.


A good VPN should provide a kill switch feature. A kill switch will prevent you from connecting to the internet whenever you have lost connection to the VPN server, preventing you from connecting in an unprotected state and exposing yourself.


Don’t expose yourself… it’s rude.


There are other things you can do to abate IP leaks, aside from using your VPN. Several tools and plugins can be used to provide further protection, and I suggest you use them. One good tool to note is a browser plugin called, “Disable WebRTC”. This nice little security plugin addresses an issue with a communication protocol, called WebRTC, leaking your IP. You can also do this yourself, using config files and settings in your browser, and I would recommend you do this. But if you’re not savvy enough for that, find yourself a reputable plugin to use. JavaScript (which is the culprit for the WebRTC leak) can be a loudmouth sometimes, and using something like NoScript can also greatly improve security. Although, as a side note to that, this tool can break website functionality since it severely limits or disables JavaScript, so I suggest this only if you’re confident in its use.



Top pick in fail safes:

  • NordVPN


Yep, it's NordVPN, again. This was hard to choose a single provider to put here, as all of these VPN providers are good; But Nord has excellent methods in place to fail safe your connections. They have your basics (killswitch, DNS leak protection, etc.) but they also utilize double encryption, and smartDNS, which helps with geoblocking.



Ease of Use


What good is a VPN if you can’t use it? Though VPN software has come a long way, some are still not entirely user friendly. But this is quickly changing. This is something you’ll need to be comfortable with when choosing a VPN.


You’ll need to be confident in how it is set up and used. Not to worry, as many of these can simply be downloaded as a packaged product and work “out of the box”. Don’t be afraid of it, though! If you have to do a little setup to get it going, then go for it. Many VPNs come with user guides or resources on their website to help you with any necessary configuration. You can do it… I believe in you. I guess… Nah, you got this.



Top pick in ease of use:

  • TrustZone


TrustZone provides an easy one-click install and an easy-to-run application for those users who don't want to spend too much time in setup. The software automatically connects to the appropriate server for you and reconnects, should you lose that connection.



Bonus Goodies


If your waffling between a couple options, then some of these things may help turn the tide.


Take into consideration the method of payment the VPN provider accepts. Going the extra mile to accept anonymous payment, such as cryptocurrencies is a pretty nice gesture and an indication that the provider is serious about privacy and anonymity. Some will even accept cash payment. Others may require setup through credit/debit card.


Also consider the way in which you must sign up for the service. Some providers require no personal information to use their VPN, which is just one more way in which you’re protected.


Trials. We’ve all probably used a trial of a product we were thinking of purchasing, right? Some providers have one and some don’t. This is mostly to prevent abuse, such as piracy, among other things. However, having one is just another thing that isn’t quite essential, but is nice to have at your disposal.


There are some providers who also contribute to privacy causes, such as the EFF (Electronic Frontier Foundation). If that tickles your fancy, then there ya go! I’m not sure what fancy tickling entails… but if that’s your thing, by all means, have fun with it.



Summary


  1. Jurisdiction – Somewhere outside of the Five, Nine or Fourteen Eyes

  2. Privacy Practices – No data logging

  3. Reliability – Good network speeds, good number of connections & devices

  4. Server Choices – A good amount of servers and server locations

  5. Security – AES-256 data encryption, RSA-4096 handshake encryption

  6. Fail Safes – A “kill switch”, DNS leak protection

  7. Ease of Use – Easy to set up and use, “out of the box” functionality

  8. Bonus Goodies – Accepts anonymous payment, requires no personal information to set up



Tools to help you in your venture


Here are the security tools mentioned:

  • Disable WebRTC

  • NoScript


Feel better equipped?


Not only can you rest easier with privacy, but you can feel a little bit safer while roaming the digital landscape. Remember though, nothing is perfect, and there are always trade-offs. Not a single tool out there will solve the myriad problems posed by the digital age. You still have to do your part and use good privacy practices yourself in order to truly benefit from any tools or services you may use. A VPN can be a great tool, but it’s only one link in the chain of defense, and relying on one for the wrong reasons or with little knowledge of what it is and how it works can lead to user error or worse. The digital landscape is a scary place. Nothing beats good ol’ knowledge and information. Stay safe out there!


Oh, and tell Gary that he’s invited again. I’m sorry. We love you, Gary.