Published June 1, 2023, 9:20 p.m. by Monica Louis
A visual guide into how a VPN works with helpful use cases.
Get more more info about NordVPN's offerings: https://nordvpn.com/animagraffs
I use Blender 3D to create these models. It's free and open source, and the community is amazing:
You may also like to read about:
i'm jake o'neil
creator of animagraphs
and this is how a vpn or virtual private
network works
this video is made possible by nordvpn
who graciously agreed to my request for
full control over the research and
visuals
to start
let's look at what normally happens the
moment you request content from your
device your device and every connected
device in your home
has its own unique address on your local
network it's a special number called an
ip or internet protocol address
when you ask for content on your device
that request is sent to your wi-fi
router as a little packet of data with
identifying info about which device made
the request what content they're asking
for and more
your wi-fi router hides local device ips
under its own address
but remembers which device sent the
request
it sends this freshly wrapped packet
along to your modem which is your
connection to the outside world
the packet goes from the modem to your
isp or internet service provider's
closest connection point
your isp updates the packet again giving
it an ip address on their network this
address is visible to the whole internet
and it locates you to a general area of
internet service where you live
sometimes within a block or two
the content you're looking for is a file
or files on a specific server somewhere
in the world that server has an ip
address too and it's your isp's job to
find it
and route your requested content back to
you but companies don't just have one
server they can have thousands of
servers all over the world duplicating
and balancing content to all of them at
once dynamic name servers take the easy
website or app names we use
and link them to tons of possible server
i p addresses to find the closest one to
you this is called dns lookup
your isp sees and records this whole
process keeping detailed logs of
requests you make
ips they assigned to you
and what sites you connect to
so what can't your isp normally see
once your request arrives at the right
server and if that server is using https
as indicated by the little padlock in
your address bar packets exchanged
between you and that server are
encrypted
meaning scrambled so no one in between
can read it
you and the site have exchanged secret
keys and can decrypt or unscramble this
data as you send packets back and forth
enter the vpn or virtual private network
you've signed up for a vpn and set up
their software on your device let's see
how that changes things for you
there are infinite ways to configure and
use a vpn but let's go with the setup in
which you've asked your vpn to handle
all your data the vpn software encrypts
your data before it leaves your device
it's already scrambled when it hits your
wi-fi router your isp still carries this
scrambled data from your home to its
servers but the next connection point is
your vpn's server network from here on
out the vpn handles the rest of the dns
lookup process much like before but with
some crucial differences
your vpn does not keep logs on which
local ip address they assigned to you
it's hidden from the server you
eventually connect to instead that
website or app just sees some random ip
address from one of your vpn servers
your vpn does not keep logs on what
sites you connect to or what you do
there the entire path from your device
to your destination is encrypted and
your activity isn't recorded
useful scenarios
let's look at how using a vpn might be
really useful for you
secure connection
all your data is encrypted before it
leaves your device wi-fi connection
points can be unsafe for example when
traveling or at a coffee shop
a honeypot attack is when someone sets
up a convenient wi-fi connection with
the intent to secretly intercept all
data going through it sure the https
encryption on specific sites might keep
some of your data safe even so but
there's no way to know for sure how much
info someone could get about you this
way
privacy
your internet service provider can see
scrambled data going to some ip address
and might know it's a vpn server your
isp can see the times you connect to
your vpn and how much overall data flows
through that connection they don't know
anything else about your activity
isps have a terrible track record for
privacy
even with https connections the general
routing info on packets called metadata
can be collected and used against you
for example to send dmca notices about
transferring data from servers with
suspected copyrighted content
isps have been known to throttle
connection speeds based on your activity
or they may sell your metadata or any
other data they can collect about you to
marketers a vpn can help prevent these
unwanted intrusions
bypassing blocks
some countries have aggressive firewalls
to block or sensor content not just
accessing websites but also sending
sensitive files from your device to
somewhere else vpn encrypted data may
help bypass these blocks
some content is location restricted
meaning the server doesn't allow
connections outside a specific
geographic location large vpn providers
have servers all over the world and let
you choose where you'd like to appear to
be from to bypass these location
restrictions
limitations
now let's look at what a vpn might not
be able to do for you
logs
first and foremost if a vpn is keeping
logs of your data and activity that
information can be forcefully obtained a
shoddy vpn service isn't much better
than your isp
it's a question of who you trust more to
handle your info
vpn legality and blocking in some
countries even using a vpn at all is
illegal and they may go to great lengths
to block entire ranges of vpn ip
addresses
going with the vpn that has lots of
available servers that are updated
regularly
might help stay ahead of things here
some vpns offer obfuscated servers that
further remove identifying info from
packets so the data is less likely to be
identified as vpn traffic but at a
possible cost in performance
privacy versus anonymity
a useful generalization is that vpns are
good at privacy but may not give you
anonymity if you log into your accounts
while using a vpn they might not know
where you are but they do know who you
are even if you're not logged in a site
might do what's called browser
fingerprinting which is accessing unique
details about your device like fonts
installed browser or os version device
type etc and use those unique traits to
link a device to your identity
deep packet inspection
some networks might be subject to deep
packet inspection where automated
software searches packets for specific
info even with encryption there's
speculation that deep packet inspection
can still see what data seems to look
like this is comparable to a wrapped
gift with a telltale shape
opsec
to combat these limitations you might
adopt new behaviors to keep public and
private activities separate some vpns
allow split tunneling which means you
can choose what traffic goes over the
vpn and what does not
conclusion
on the whole if a few bucks a month lets
you access your favorite british tv
shows more confidently use the free
wi-fi at that cd hostel download the
office or stop giving your valuable data
away to unscrupulous isps and marketers
for free a vpn is a great choice on the
other hand if you're going the
international spy route and need
hardcore identity sterilization to
combat a hostile nation state a vpn is
probably not your only solution
2CUTURL
Created in 2013, 2CUTURL has been on the forefront of entertainment and breaking news. Our editorial staff delivers high quality articles, video, documentary and live along with multi-platform content.
© 2CUTURL. All Rights Reserved.