I’ll start off by saying there are a few good reasons to use a VPN. But you can’t just turn on a VPN and think you’re protected. You also have to change your behavior. If you don’t do that, then you’re wasting your money and maybe even leaking more metadata. So every time I see someone pushing a VPN as some kind of magic privacy solution without explaining things, I cringe.

Why you might need a VPN
Your country is blocking parts of the internet.
If you live somewhere with an oppressive government you might find that some web content is blocked. So in this case a VPN could be helpful if you can find a VPN that itself is not blocked.
If you live in the USA this is not really an issue. Because if the US government decides a website is bad they take it off the internet. It’s not just blocked. But other countries don’t have this ability so they block websites.
You have a static IP address
This might be the biggest reason. If you have a static IP address at home, then a VPN is useful in hiding your identity from websites you visit. Otherwise your IP address could be connected to your real ID. But if you’re logging into websites while on the VPN, then the protection of the VPN is useless, because now you have connected your login ID with the new IP address the VPN has given you.
Man in the middle attacks
Most web traffic is already encrypted today. But there are cases where a government or someone else can use a root cert on your computer to set up a man in the middle attack and decrypt your traffic to a website. Since Microsoft’s root cert is on just about every computer, and Google and Apple have theirs on most phones, it’s not unreasonable to think a government could demand their help in such an attack. Since VPNs use their own certificates, this could in theory stop a man in the middle attack. This is probably why VPNs are blocked in places like China.
Things to be careful of when using a VPN
Don’t log into just any websites
The second you log into something like Facebook your VPN becomes useless because your real identity is now connected to it. I suppose some websites would be fine to log into depending on the data they have on you. But logging into social media or something like Google throws all the privacy benefits out the window.
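What a website can derive from its own logs once you log in over the VPN, as an added example that is not from the original post. The log lines, IP addresses (documentation ranges), cookie IDs and the account name are constructed, and the per-browser cookie is an assumption the post does not mention.

```python
from collections import defaultdict

# Constructed request log of one website (not real data).
# Fields: (client_ip, cookie_id, account or None if not logged in, path)
# 198.51.100.7 stands in for a home static IP, 203.0.113.50 for a VPN exit.
LOG = [
    ("198.51.100.7", "c1", "alice", "/login"),
    ("198.51.100.7", "c1", None, "/news"),
    ("203.0.113.50", "c2", None, "/forum/sensitive-topic"),  # VPN on, not logged in
    ("203.0.113.50", "c2", "alice", "/login"),               # same browser logs in
    ("203.0.113.50", "c3", None, "/pricing"),  # other VPN customer, same exit IP
    ("192.0.2.99", "c4", None, "/news"),       # unrelated visitor
]

def find(parent, node):
    """Union-find lookup with path halving."""
    parent.setdefault(node, node)
    while parent[node] != node:
        parent[node] = parent[parent[node]]
        node = parent[node]
    return node

def build_profiles(log):
    """Merge cookies and accounts that were ever seen together, then attach
    every request (and its IP) to the merged identity."""
    parent = {}
    for _ip, cookie, account, _path in log:
        cookie_root = find(parent, ("cookie", cookie))
        if account is not None:
            parent[cookie_root] = find(parent, ("account", account))
    profiles = defaultdict(lambda: {"accounts": set(), "ips": set(), "paths": []})
    for ip, cookie, account, path in log:
        profile = profiles[find(parent, ("cookie", cookie))]
        profile["ips"].add(ip)
        profile["paths"].append(path)
        if account is not None:
            profile["accounts"].add(account)
    return list(profiles.values())

def profile_for(log, account):
    """Return the merged profile containing the given account, or None."""
    return next((p for p in build_profiles(log) if account in p["accounts"]), None)

if __name__ == "__main__":
    for p in build_profiles(LOG):
        print(sorted(p["accounts"]) or ["<anonymous>"], sorted(p["ips"]), p["paths"])
```

The single login on cookie `c2` pulls the VPN exit IP and the earlier not-logged-in page view into the same profile as the home IP, while the other VPN customer on `c3` shares the exit IP but stays unlinked.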
VPNs are targets
A VPN provider is a big collection point for data and now all these privacy minded people have their traffic routed through one place. That sounds like a juicy target for someone with the ability to take advantage of it. Some VPN providers have been hacked in the past and I’m sure it will happen more in the future.
Honeypots
It also would not surprise me if some VPN companies are honeypots. I have no proof of this other than it seems like it would be so easy to do, so I feel like there is a chance it has been done.
There are also legal gag orders that prevent a company from warning its customers if the government has subpoenaed data.
Understand how a VPN works
So in the end make sure you understand how a VPN works. Don’t get one and expect it to magically protect you just by turning it on.
I’m sure some people will say I’m wrong. You’re welcome to give reasons why in the comments below.
But if you do want one make sure it’s a VPN you can trust and watch how you use it.
Update 7-8-2025: It’s just as bad as I thought.
Naomi Brockwell just proved all my fears in this video she posted on X.
LOTs of people recommending "safe" VPNs without having actually researched any of their own recommendations.
— Naomi Brockwell priv/acc (@naomibrockwell) September 2, 2024
Be careful which VPN you install, there are many that harvest data & steal credentials.
2 VPNs that I like are @mullvadnet & @ProtonVPN 🛡️
Some 🚩s to watch for:
📺: pic.twitter.com/oA3TIgh21A
