In many cases, each of these offices also have LANs. But how do the LANs connect? For some very specialized solutions, companies lease private lines to connect the offices. That can be very expensive. Instead, most companies opt to geographically connect separated private LANs over the public internet. To protect their data, they set up VPNs between offices, encrypting the data as it traverses the public internet.
Here's the problem with the internet: It's inherently insecure. When the internet was first designed, the priority was to be able to send packets (chunks of data) as reliably as possible. Networking across the country and the world was relatively new, and nodes often went down. Most of the internet's core protocols (methods of communicating) were designed to route around failure, rather than secure data.
The user’s certificate could be stored on the VPN client computer or in an external smart card. In either case, the certificate cannot be accessed without some form of user identification (PIN number or name/password credentials) between the user and the client computer. This approach meets the something-you-know-plus-something-you-have criteria recommended by most security experts.
If you’re seriously concerned about government surveillance—we explain above why that should be most people’s last consideration when choosing a VPN—some expert sites like privacytools.io recommend avoiding services with a corporate presence in the US or UK. Such experts warn about the “14 eyes,” a creepy name for a group of countries that share intelligence info, particularly with the US. IVPN is based in Gibraltar, a British Overseas Territory. We don’t think that makes you any worse off than a company based in Switzerland, Sweden, or anywhere else—government surveillance efforts around the world are so complicated and clandestine that few people have the commitment, skills, or technology to avoid it completely. But because Gibraltar’s status has been a topic of debate in other deep dives on VPNs, we’d be remiss if we didn’t mention it.
The problem with anonymity is there are so many issues to consider—most of which are beyond the scope of this article. Has the government surreptitiously installed malware on your PC in order to monitor your activity, for example? Does the VPN you want to use have any issues with data leakage or weak encryption that could expose your web browsing? How much information does your VPN provider log about your activity, and would that information be accessible to the government? Are you using an anonymous identity online on a PC that you never use in conjunction with your actual identity?
Chrome starts to mark old-fashioned HTTP sites as ‘Not Secure’ in the address bar. If you have already updated Chrome to version 68 this week, you would probably be surprise at seeing a huge amount of HTTP sites are not secure overnight. That’s to let you know that the site you’re visiting is not HTTPS-enabled, and the traffic is being transmitted over the old, less secure HTTP protocol. That means a hacker could spy on the data you’re sending and receiving from the site in question (such as passwords and credit card numbers), and even hijack the connection to run a phishing scam or redirect you to a malware-laden page.
The sheer amount of VPN jargon can be overwhelming, even if you are pretty tech-savvy. Do look out for OpenVPN though, as this connection protocol offers the best overall blend of speed and security. Ignore talk of military or bank-grade encryption and just look for AES-256, as that’s the gold standard. Unless you know your DNS from your IPv6, a VPN killswitch is the main thing to look out for among security features as it will protect you from exposing your real IP address should your connection drop unexpectedly.
Google has launched Chrome on Google Daydream View and the Lenovo Mirage Solo with Daydream. If you have one of these headsets, you can launch Chrome directly from your homepage to browse and interact with any webpage while in VR. Chrome aims to be a universal browser on all types of devices and operating systems. This is also true for the new VR version. All the features you love on Chrome, from voice search to incognito mode to saved bookmarks, are now accessible on your Daydream headset.
Some users will also want to research a VPN provider’s peer-to-peer (P2P) file-sharing policies. There are VPNs that block torrents. Others turn a blind eye to them, but will sell you out in a heartbeat should you be up to no good. P2P is not our main focus here, but we will note in each review whether a particular provider allows file sharing or not.
VPNs also cloak your computer's actual IP address, hiding it behind the IP address of the VPN server you're connected to. IP addresses are distributed based on location, so you can estimate someone's location simply by looking at their IP address. And while IP addresses may change, it's possible to track someone across the internet by watching where the same IP address appears. Using a VPN makes it harder for advertisers (or spies, or hackers) to track you online.