Staying in is the most effective way to protect yourself during the pandemic, and that means a lot more time online at home. A VPN can help secure that critical connection.
By Max Eddy
A VPN adds a layer of privacy protection to your online activities by routing your traffic through an encrypted tunnel between you and anyone who tries to spy on you. It’s a technology that makes sense when you’re out and about using Wi-Fi networks you’ll never see again, but a VPN can also protect your privacy at home. Since most of us are spending a lot more time at home than we used to, it’s more important than ever to understand when you do (and don’t) need to use a VPN at home.
To make the most of a VPN, it’s important to understand its limitations. Its main function is to keep anyone—including your ISP—from monitoring your internet traffic and to make it harder for observers to trace online activities back to you.
Even with a VPN, advertisers and snoops may still be able to gather data about you. We recommend using a tracker blocker, such as the EFF’s Privacy Badger. The built-in tracker blocking capabilities of browsers such as Firefox are also important for protecting your privacy.
It’s also important to know that much of your web browsing is already encrypted with HTTPS, although not all of it. Using a VPN covers the little that HTTPS can’t and also protects against ISP snooping very effectively.
PCMag also strongly recommends using antivirus software on your devices, enabling multi-factor authentication wherever it’s available, and using a password manager. These will all protect your devices and data from the most common threats.
Outside your home, it’s hard to tell which networks you encounter are safe. If you’re at a coffee shop, for example, how can you tell which Wi-Fi network is legitimate? Unless the SSID is posted somewhere, you’re just going to have to guess. Clever bad guys will set up access points with familiar names, hoping to trick people into connecting. Once victims are online, the bad guy executes an attacker-in-the-middle attack, potentially monitoring your web traffic and even intercepting some of it.
An attacker doesn’t even need to trick you; they just need to trick your phone or computer. Many devices are configured to reconnect to familiar networks by default. But if an attacker uses the same name of a popular Wi-Fi network—think Starbucks or Boingo Hotspot—your devices may automatically connect, even without your knowledge. This is easier than you think, since many businesses have easy-to-guess Wi-Fi network names.
Both of those attacks require a lot of guesswork, but a good attacker won’t bother with that. Instead, they’ll configure their evil access point to switch SSIDs to match the ones devices are asking for. Granted, this is an exotic attack but one that can be carried out successfully. At the Black Hat conference a few years ago, a security vendor detected an evil access point that had changed its SSID 1,047 times, tricking 35,000 devices into connecting.
These are situations in which you definitely need a VPN. The encrypted tunnel it creates blocks anyone on the same network as you—even the person managing the network—from seeing what you’re up to.
For the most part, we can be assured our home networks are safe. It’s very unlikely a bad guy could break in, replace your router, and then wait for the good stuff to roll in. For one thing, that’s just too much work. But for another, attackers need more than one successful hit to make an attack worthwhile. They want to rack up as much information from as many victims as possible. Unless you live in an airport, it’s unlikely there’s enough foot traffic in your home to justify an attack.
But there are threats to consider when at home. The biggest one is from the companies that provide access to the internet. The US Congress has allowed ISPs to sell data about users and their online activities to anyone interested. ISPs say this information is anonymized, but the idea is still unnerving. A report from the FTC paints a damning picture of ISPs intruding on customer privacy.
ISPs aren’t the only entities interested in what you’re doing online. A VPN makes it much harder for an outside observer, such as an advertiser, to correlate your online traffic to you. Keep in mind, though, that there are numerous other ways to be tracked online, and a VPN won’t protect against all of them. A determined and well-funded attacker can likely achieve their goal, given enough time.
At least half of all VPN use isn’t for personal protection—it’s also for streaming video. That might seem odd, considering the negative effect that VPNs have on your upload and download speeds, but it makes sense. Here’s why.
Not all streaming video content is available everywhere. Each streaming service has a contract to carry shows and music that are sometimes limited to specific areas. The shows and movies available to US-based subscribers may be different than the ones for UK subscribers, for example.
That’s where VPNs come in. You can use one to tunnel to a distant server and access content restricted in your home country. This trick is also useful for sports fans seeking matches or commentary unavailable at home. Sometimes the best games aren’t available to US audiences, or the US coverage is so annoying that die-hard fans would rather see how the BBC or CBC handles the games. Note, however, that many companies, especially Netflix, are adept at detecting and blocking VPN use.
VPNs are all about securing your traffic from prying eyes, and that’s sometimes a problem when you want your traffic to be seen. If you live in an especially smart home, you’re likely to encounter some problems with using a VPN.
One solution to this problem is to look for a VPN that offer split-tunneling. This lets you designate which apps and sometimes which URLs must use the VPN connection and which should not. Some VPNs make it even easier by allowing local area network (LAN) traffic, meaning the machine using the VPN can still talk to the devices on your network.
Alternatively, you can install the VPN on your router. That way, all the data from your local network to the internet is funneled through the VPN, giving you all the protection without causing any of the fuss on the local level. Setting up your router to use a VPN can sound daunting, but some VPN companies will sell you a preconfigured router so you can give it a try. Still, this solution is not for everyone; it’s perhaps best left to people with a determined DIY sensibility.
Services like Apple AirPlay and Google Chromecast also aren’t likely to work when you’re using a VPN. You’ll likely have to switch your VPN off to use these services.
While many people are using VPNs to stream online content, many (if not most) streaming services are very good at blocking VPN usage. One possible solution is to purchase a static IP address from your VPN provider. These “clean” addresses aren’t associated with VPNs, giving you a better chance of slipping past attempts to block your access. But keep in mind that there’s no guarantee these IP addresses will be a free pass for streaming.
Speed will always be an issue with VPNs. When a VPN connection is active, your web traffic is going through more machines and more fiber. The result is increased latency and slower transfer speeds. Not all VPNs are the same in how much they affect your connection, but you will see some impact.
In truth, the answer to the question of whether you “need” a VPN in your house is going to come down to your own preferences. There are lots of good reasons why a home VPN might be a valuable addition to your security and privacy arsenal, but what’s most important is whether you will use it. If you find yourself too frustrated with reduced internet speeds, or juggling streaming devices, don’t use a VPN at home. An unused tool isn’t useful to anyone.
But Congress allowing ISPs to sell anonymized data about their customers is a huge motivator for VPN use. It’s why we recommend keeping your VPN switched on as often as possible, even at home.