Virtual Private Networks or VPNs tell you through their advertising that if you want to stay safe from government snooping, you have few better alternatives than the services that they provide. This is misleading advertising though. Using a VPN doesn’t always keep you safe.
VPNs: An Answer to the NSA?
Ever since Edward Snowden outed the government on its spying of private citizens through the NSA, businesses providing Virtual Private Network service have gone all out promoting themselves as the answer. If you don’t want the government to be able to spy on you, they tell you, all you need to do is to get VPN service. Unfortunately, it isn’t as simple as that.
What is a VPN?
If you wanted to connect two computers together at home, you would either use Wi-Fi or buy LAN cabling to connect them. With the connections made, you would have a tiny local area network at home. Assuming that there was no outside connection coming into one of these computers, your network would be completely private.
What if you wanted to create a private network between a computer that you had at home and one that a friend had in another city? You couldn’t run a LAN cable across cities, certainly. This is where you would employ a VPN. You would put the existing wiring of the Internet to use, connecting the two computers through the Internet. Your connection would remain private too — in the virtual sense.
How could two computers be on a private connection if they were connected through a public system? The answer is that they could use encryption. No other computer on the same network would see what they did. In other words, they would be a virtual private network or a network that’s private for all practical purposes.
When you sign up to a commercial VPN service, your subscription gives you access to a computer on the VPN service’s premises. You get a virtual private connection to that computer. Any time you may wish to get on the Internet, you access that computer and view the Internet through it. Anyone spying on you will merely be able to see you going on the website of the VPN service. Wherever else you may go through your private connection — Facebook, a bootleg movie site or anything else — they wouldn’t be able to see.
The problem with using VPN to escape the NSA’s spying
The idea with using a VPN to escape the NSA’s spying is this: since what you do once you’re logged on is encrypted, the NSA won’t be able to see it. If this is so, though, how come members of the British hacking groups LulzSec and Anonymous were run down by the British spy agency GHCQ even when they were using VPNs (See link here)? While details are unclear, apparently, GHCQ was able to hack into the VPN’s servers.
There are other possibilities. If you use a US-based VPN or a UK-based one, they are subject to government regulations. Just as the NSA go to Google, Facebook and Bing and demand to look at their records, they can go to the VPNs and look at their logs too. The FBI has successfully done this kind of detective work already, ordering VPN Hide My Ass to turn over information. It led to the arrest of a 23-year-old hacker in Phoenix, Arizona, called Cody Kretsinger.
Are VPNs not the answer then?
VPNs certainly can give you privacy from government spying. You need to find one that keeps no records, though. If there are records of the websites that every customer goes to, they can always be subpoenaed by the government. TorrentFreak, a website about online privacy and torrents, has a list of VPNs that keep no records whatsoever.
VPNs can keep you safe but only if you’re careful about which service you choose.