Posted in Security

Now that secure https connections are widely in use, do we still need VPN?

VPN (Virtual Private Network) is an essential tool for better online security. Remote workers, travelers, and everyone who wants to be safer on the internet can protect their sensitive data and to a certain degree also prevent leaking of private information to Facebook, Google and other personal data traders. Since almost all web sites have adopted secure https connections, do we still need VPN? Here are a few options to consider.

The mission of a VPN is to create a secure connection between two computers on the internet. For instance, a node is a personal mobile device or a laptop, and the other node is a cloud server somewhere on the internet. A VPN software runs on both nodes, and creates a virtual, completely protected tunnel between them. No one from outside the tunnel can see inside. All data transmitted inside the tunnel is safe.

All information traveling on the internet used to be clear text by default. VPN was the perfect technology for securie networking because it encrypts the information, hiding it from outsiders. HTTPS web connections are encrypted as well. What’s the difference?

First, we run many type of applications on our mobile devices and laptops. Https protects connections from a web browser to a web site, but what about email, calendar, messaging, business applications, photo sharing, or social media apps? To be 100% sure that all your online connections are protected, VPN still is the best technology.

Second, VPN has another benefit: if you subscribe to a commercial VPN service, you can choose the location of your server. This is handy when you want to pretend that you are in London, although you have flown to Boston.

Travelers often resort to public Wi-Fi hotspots, hotel internet access points, and perhaps Wi-Fi at an Airbnb accommodation. The problem is that it is impossible to know what these hotspots really do, and what software they are running. Passwords, bank credentials, and other private data is open to anyone to spy if traffic is not encrypted.

Three easy options for securing your online traffic when traveling are a 4G / Wifi router, subscribing to a VPN service, and setting up your own VPN.

Huawei 4G Wi-Fi router access point
Portable Huawei 4G / Wifi router.

Option 1: Always use your own 4G / Wi-Fi router, never connect to a public or Airbnb Wi-Fi hotspot.
A portable router is a phone size – a bit bulkier – battery-powered device. A SIM card with internet access is required to make it work. Then, all your wireless devices can establish WiFi connection to this router. The router is connected to the internet via a 3G, 4G or 5G mobile network (that’s why it requires a SIM card). You never have to access any other Wi-Fi hotspots, but your own.

VPN complements this setup, ensuring that all connections in all applications are protected.

The downside of the router option is that you have to manage the SIM card subscription or a pre-paid plan. If you want to use local SIM cards when traveling, which usually is the lowest cost option, it can be troublesome and time consuming to get one in some countries.

Option 2: Subscribe to a VPN service.
Plenty of reliable VPN services are available for a few of euros/dollars per month. Subscribing to a VPN service is by far the easiest and the most flexible option because you get an additional benefit: you can connect to online services that require that your computer is in a specific country.

Find a service that provides a client VPN software for all devices that you have. A comparison of VPN services has ranked the best ones, but Proton VPN is widely regarded as one of the most reliable and recommended for privacy-minded users.

The downside of commercial VPN services is that they may archive the data that has passed through their servers.

Option 3: Set up your own VPN service.
Tech-savvy people can set up their own VPN service. Common methods to achieve this is to subscribe to a VPS (Virtual Private Server)available from a hosting company, or setting up a computer at home that can be accessed from the internet.

wireguard vpn on mobile phone
Wireguard VPN on a phone.

Wireguard is a VPN software that doesn’t require black magic skills to set it up. It doesn’t require much computer resources, but it is possible to run it on a server that is doing other things, like hosting a Nextcloud service. Instructions for setting up Wireguard VPN are here. Wireguard is free open source software.

This is the ultimate solution for people who want to be sure they always have secure internet access and who want to carefully manage their privacy. The downside is that you have to have technical knowledge to set it up.