# Sticky  What is a VPN and do I Need One?



## zx10guy

To add more color around this discussion around "VPNs", the term has been entirely distorted by companies marketing their services. VPN stands for virtual private networking. The function of a VPN is to create an encrypted tunnel between two points. The use of VPNs is done to provide secure communications between two points over an untrusted network. So keep this in mind. In the beginning, businesses used this technology to allow communication between branch offices or remote employees to main offices over the Internet which we all agree is a very untrusted network.

Over time people figured out that they could also use this technology as a way to provide a launch point for subscribers to touch the Internet with a different identifier. What I mean as identifier is the public IP address which everyone gets when they're communicating on any given network. Your ISP assigns one to you and that IP address can provide specific information about you. It won't give information such as your name directly. But can eventually be traced back to you. These so called VPN services use VPN technology to create a secure tunnel from your computer to their network. From there, they repackage your Internet traffic to look as if it is coming from them directly and then drop it on the Internet. This is why the correct term for these services of which I will use is proxy services. The key thing to recognize is your Internet traffic is only "secured" between you and the proxy service. After that, when the proxy service drops your Internet traffic on the Internet, it's just as unsecured as it was if you just bypassed the use of the proxy service.

There are many reasons why one would use a proxy service. Cookiegal has alluded to some things which are illegal in nature. So I won't go into them. The other two reasons are to prevent your ISP from seeing your traffic or if you're at some public place using an untrusted public hotspot. The last reason is more legitimate use of these proxy services as I don't see any other proper use for these services. The marketing makes you think you're more secure using these services when surfing the Internet. This is totally false. If you have bad surfing habits where you touch questionable sites, you're still going to be at risk even using a proxy service. If you are doing banking, your bank has already instituted a secure method for you to do your transactions over the Internet. It's called SSL (secure sockets layer). When you see the padlock next to the URL, this tells you your communications are encrypted to this site. You can go further by clicking on the pad lock to examine the certificate being used. Typically the certificate is issued by a trusted authority such as Verisign. Remember what I said about the function of a VPN? Having an SSL session is creating a secure connection between your browser to the web server at the other end; in my example the bank. You don't need a proxy to do this.

The use of a proxy can also impact performance. I can get into a whole another discussion about why this is the case which is outside the scope of your question.

This question comes up many times on here. I really think my discussion above should be pinned on this security sub forum and the networking one. There are so many misconceptions of what proxies actually provide you and I've gotten into many debates with people on this.


----------



## zx10guy

Here are a couple of links from third parties which are messaging the same narrative I have posted above:

https://semsec.net/2018/01/16/vpn/?...F76dThZRaL1yNW_ilwHbK_BBD1R6_qS1OfdQgYk5SXjzU

https://beaconsandwich.co.uk/2020/0...V92ED3KxtRrC3_e6ieGdFMYlz0vwFw2voqFjUSn72ltNo

The message is if you are really worried about security and not your ISP seeing what you're doing, practicing safe web surfing will yield better results than using a proxy service.


----------

