Jörn's space

When networks became established in the companies, there was soon a desire to connect to the internal network from outside. The main reason was that you could access its resources in this way. For example, field staff wanted to access files stored on the internal file server. Of course, it would have been a possible way to make the server accessible from outside. It is obvious, however, that this might not be the optimal solution from a safety point of view (not that this has not been done anyway and probably is still being done). It is better to connect to the internal network from the outside and then become a part of it. VPNs (Virtual Private Networks) were introduced for this purpose. The employee then logs on to an externally accessible server with a specific protocol and then can work on it as if he were directly connected to the local network. To ensure that this connection via the VPN is also secure against interception, it is encrypted. This protects company secrets.

Reasons for a VPN in a private environment

Over time, VPNs have become more and more common. Like in universities, for example, so that students can connect to the university network. VPNs are also being used more and more frequently in the private sector. It is no longer necessarily a matter of logging into another network, but of accessing the Internet from somewhere else and masking where you actually come from. There are actually three main reasons for this:

1. Unblocking geoblocking
   This is surely the reason most people in these parts are familiar with VPNs. Usually, it is then a matter of getting content from other countries that is not available in your own country for licensing reasons. Certain content of Netflix and YouTube is usually limited to certain countries. This also applies to the media libraries of major television and radio stations and, above all, to sports streaming. If you now connect to a VPN and a server in the respective country, the content provider will assume that the user comes from this country and offers the content to him.
   Of course, this approach has now also been recognized by Netflix and Co. and under pressure from right holders, they also try to take action against it. It is a cat-and-mouse game, where some providers have specialized in the meantime.
2. Access blocked content
   This use case is quite similar to the previous one. However, this is about accessing content blocked by the government or Internet providers. This applies above all to countries in which Facebook, Twitter or even Wikipedia are blocked, for example. Here, too, the user accesses a server through the VPN in another country, where these contents are not blocked. Such countries are for example Turkey, Russia or of course China. The latter is a particularly good example of how governments are well aware of this loophole and the “Great Firewall” cannot be tricked with this. In other countries, where private Internet providers in particular are forced to filter content, VPNs are less rigorous and technical hurdles are significantly lower. But even this is becoming more and more a game of cat-and-mouse.
3. Privacy
   That should be the reason why everyone would actually use a VPN. And that is probably the rarest reason why people actually use VPNs. The advantage is obvious: The user connects to the server of the VPN provider. Even with a data retention you only see in the log files that you are using this VPN, but not what is being done about it. On the other hand, in the log files of the web server, for example, you will only see that the VPN server has accessed the website, but not where the actual user comes from. Only the VPN provider knows its IP address. This is also one of the reasons why VPNs are viewed with suspicion by some governments and banned directly by others. Because then it is no longer possible to trace who accessed what and when, and data retention, for example, is running into the void.
   But the reason does not even have to be that you really have something to hide. If you connect to a public Wi-Fi connection, you never know exactly whether you can really trust the provider and whether he has really secured the Wi-Fi. For example, some safety deficiencies have been identified in the Wi-Fi network on Deutsche Bahn trains, which make additional security worthwhile.

Limits of a VPN

What a VPN cannot do is prevent tracking while browsing. If the advertising industry wants to track someone, this is usually done through cookies. These are also set and stored when using a VPN. If you want to prevent this, you have to use certain browser techniques like the anonymous mode or special plugins. And even then, devices can still be reliably identified by fingerprinting. This technique uses various parameters (device manufacturer, device type, browser resolution, language, etc.) and enables more or less unambiguous identification.

Not every VPN is secure

Now the question is which VPN to use. The answer is much more difficult than expected, because on the one hand it depends on the specific use case, but on the other hand not necessarily first and foremost on features or speed. Instead, you should pay attention to the price. More specifically, that the VPN costs money at all. Because the question a user should ask himself is, with what the VPN provider earns money at all. Because the VPN infrastructure costs money and since this is usually still to be earned, you also need a source of income. If the money does not come from the users, it is very likely that the users’ data will be turned into money. This means that the provider logs everything the user does and later sells it to other companies. And because it has to store the data somewhere, even government agencies can access it, which makes it dangerous to use in certain countries. Therefore, a VPN should cost money and also have a “no-logging policy”. Only then should you consider criteria such as which countries are offered or additional features. Generally speaking, it is not possible to rely on the relevant comparison portals, since it is here only about which provider pays the most to the portal (keyword affiliate).

Are VPNs evil?

A note on the ethical side: VPNs can of course also be used to do illegal things. Be it Bittorrent, terrorism or anything else, with a VPN, criminals can hide easily. But this applies to almost everything that can be found in this area, be it encrypted messaging, file encryption or other techniques that protect privacy. All this can always be used for evil. I think it is not acceptable to ban these technologies for everyone because they abuse some of them. But this discussion is taking place at several levels.