Protect your digital privacy with Silent Pocket’s product line of patented Faraday bags, phone cases, and wallets which will make your devices untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order during checkout. Visit silentpocket.com today to take advantage of this exclusive offer.
Gaya Polat: Hello.
Tom Eston: Alright. So first question about VPNs is, maybe for our audience that may not be familiar with VPNs, what is a VPN and why should someone use one?
Gaya Polat: A VPN stands for virtual private network. Is a tool that routes your online information through specialized service. What this means is that it routes your traffic and then encrypts your data. So by doing so, VPNs hide your online activity and protect you from the many danger on the web, whether it’s hackers, data selling, identity theft, and more. So using a VPN keeps your online activity private and safe, therefore it minimizes the chance that you’ll be hacked. But there are other reasons people use VPNs. One of the more common reasons people have been using VPNs is to access geo-block content. And the way a lot of content online works, let’s say Netflix or Hulu, they have different catalogs based for different countries and places. So if you’re an American, for example, who now is spending a semester in England or anywhere else, you’re gonna see that your Netflix catalog has changed. So a lot of people have been using VPNs to access content that is blocked.
Gaya Polat: Another very popular reason people have been using VPNs is, sports fans have found VPNs to be quite useful, because a lot of the times like let’s say you want to watch a certain UFC fight on your pay-for-view, it can cost around $80, but there’s a very likely chance that somewhere in a different country, let’s say the United Kingdom, France, or Canada even, you can watch the game on a regular cable channel. So by using a VPN, you can access that quite freely, and before every important boxing or UFC match, you can… We tell you the best way by using a VPN to watch the game or the fight. There’s also a different segment of people who use VPNs because they want to overcome their local censorship laws. Sadly, some countries don’t have free internet and free online access, and they simply need a VPN to use, for example, in Turkey, Wikipedia is blocked. So whenever someone from Turkey wants to access, say, Wikipedia, they need to use a VPN. Russia, almost all online social media is blocked. So we see a lot of users from Russia. That is it. Yeah. Those are I think the main reasons people use VPN.
Tom Eston: Yeah, that’s great. Lots of good things, especially if you’re in a country that may be censored, like you said, or access to different types of entertainment content that may not be available in your region or region of the world. And of course user privacy which is definitely a big one. So having said that, with all the great use cases for a VPN, what are some of the disadvantages that come with using a VPN?
Gaya Polat: So first of all, as you said, there are a lot of advantages to using a VPN, but it’s not a magic potion that you can use and everything will be great. For example, it will not protect you from phishing scams or having your personal data leaked in certain cases. For example, if you entered your personal information to Facebook and that is hacked, even if you use the best VPN, that will not save your private information.
Gaya Polat: There is also an issue with speeds, because by default, what a VPN does, as I said, it is that it routes your internet data through a different server. So that means that by using a different server, it can add a bit of lag time to your speed. So when you choose a VPN, you want to choose a VPN that has servers in a lot of countries and a lot of servers. The more servers it has, the more the user usage of the different servers will be spread out, so there will be sort of less traffic. If you want, you can see on our website the different VPNs and the servers they have and the different speeds. But generally speaking, the top brands all have a lot of servers.
Gaya Polat: And another thing that can be a big disadvantage when using a VPN has to do… If you turned copyrighted content, then you need to make sure that the VPN you use does not keep blocks because in some countries, like let’s say for the US, your ISP can be required to give your information if it is asked when turned in. And if the VPN keeps logs, then it has to give your information to the ISP. So if you’re using torrent websites, then you need to make sure, absolutely make sure that it could get you in a lot of hot waters.
Gaya Polat: And the last thing to know about VPN usage is that some sites block users using a VPN. So, this is especially true if you want to access your bank account. And then they can sometimes block it to prevent foreign people accessing your bank account. So, this can sometimes be a nuance or something that is very annoying to have to disconnect to connect to certain websites, but those are the big disadvantages.
And now a word from our sponsor, Edgewise Networks.
Organizations’ internal networks are overly permissive and can’t distinguish trusted from untrusted applications. Attackers abuse this condition to move laterally through networks, bypassing address-based controls to spread malware. Edgewise abstracts security policies away from traditional network controls that rely on IP addresses, ports, and protocols and instead ties controls directly to applications and their data paths.
Edgewise allows organizations to analyze the network attack surface and segment workloads based on the software and how it’s communicating. Edgewise monitors applications and protects data paths using zero trust segmentation.
Visit edgewise.net to get your free month of visibility.
Tom Eston: So, what should someone look for when choosing a really good VPN, especially when we’re talking about protecting activities or protecting their privacy?
Gaya Polat: So that’s a great question. The most important thing is to skip free VPNs, because as you can imagine, if a company spends money hosting a large and broad server system, it’s quite expensive. It will cost them a lot of money. So as we found out with Facebook and Google, when something is given to you for free, there’s a catch. And it’s also true in the VPN world. If they’re giving you great speeds, and servers everywhere and everything for free, then something is wrong there, that’s a red flag. And usually that red flag means that your data is being searched by third parties, which is what we saw, for example, recently with the Onavo project that Facebook used. It was basically a VPN program that Facebook used to get all the data about how people were using the Internet and use it as a research tool. So that is one thing.
Gaya Polat: Either it sells, sometimes, we have seen with some VPNs that were free, that where tools used by the Chinese government to track their own citizens and how they were using the internet and or that were being used for a Malware or other hacks. So generally speaking, you would want to stay away from free VPNs. And what else you would want is you want to make sure, as I said before, that it has no-logs policy. So, no-logs policy means that VPN doesn’t log or doesn’t track, keep any history of your information. So that’s basically why you want to use a VPN for, as you said, for privacy. So you want to make sure that it’s actually private and nothing is kept. And other thing you would want is basically, you would want to have a VPN that uses AES-256, that’s the current state of the art encryption protocol. It’s considered a military grade encryption so that is one you want to keep.
Gaya Polat: And another thing, a lot of people, like your money, you want your privacy and activities to be hidden somewhere remote, way outside the jurisdiction of countries like the US, where it can’t be touched. So it’s the same for VPNs. You want a VPN server based in privacy havens like the British Virgin Islands, or Panama. And this is because a lot of countries like US, Canada, Australia, they have a data sharing agreement, which means that they can share your data with other countries. So you want to make sure your VPN is located in one of those privacy or tax havens. And generally speaking, the top brands in the VPN world are based in the British Virgin Islands or Panama. Two top brands that are based in those countries are ExpressVPN and Nord, but on our website, we have the list about where is each VPN based and you can look.
Gaya Polat: Yeah. I think those are some of the… As I said before, you want to make sure that it has a big server network, especially if you want it for content, for example, then you have to make sure that you have servers in that country that you want to access the content. And so if you want to have to access from the United States, the BBC, then obviously you need to make sure the VPN that you choose has servers in England, for example.
Tom Eston: So does vpnMentor provide a list of recommended VPNs based on your research?
Tom Eston: Yeah. And we’ll have links in the show notes for more information on vpnMentor and how to see those reviews of the top VPNs. I think that’s really important. And I like the phrase of, “Not all good things are free. You kind of get what you pay for.” [chuckle] I think that’s a…
Gaya Polat: Yeah, exactly. I think if we learned that in everywhere you look, I think Milton Friedman was the first person to say, “There’s no such thing as a free lunch.”
Tom Eston: That’s right.
Gaya Polat: I think in everywhere we look, every part, it’s always the same. If there’s something you get for free, then there’s some trade of. Some free VPNs are okay to use. We have at least on the website, but then either they would limit your data, which means you would not be able to use it for streaming, for example, or you get to watch ads, but there’s no perfect VPN, as there is nothing for free. There’s like… Which is very sad for maybe our bank accounts. [chuckle]
Tom Eston: Yeah, that’s right. Well, thank you very much for coming on the show, Gaya.
Gaya Polat: Thank you. It was a pleasure coming. Thank you very much for having me.
That’s all for this week’s show. Be sure to follow the Shared Security Podcast on Facebook, Twitter and Instagram for the latest news and commentary. If you have feedback or topic ideas for the show you can email us at feedback[aT]sharedsecurity.net. First time listener to the podcast? Please subscribe on your favorite podcast listening app such as Apple Podcasts or watch and subscribe on our YouTube channel. Thanks for listening and see you next week for another episode of the Shared Security Weekly Blaze.